CVE-2026-7687 in langflowinfo

Zusammenfassung

von MITRE • 03.05.2026

A vulnerability was determined in langflow-ai langflow up to 1.8.4. Affected by this issue is the function CodeParser.parse_callable_details of the file src/lfx/src/lfx/custom/code_parser/code_parser.py of the component Full Builtins Module Handler. Executing a manipulation can lead to command injection. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Zuständig

VulDB

Veröffentlichung

03.05.2026

Moderieren

akzeptiert

Eintrag

VDB-360857

CPE

bereit

CWE

CWE-77 (bestätigt)

Exploit

Download

CVSS

6.3 (VulDB)

EPSS

0.00421

KEV

nein

Aktivitäten

very low

Sektor

Energy, Lawfirm, ...

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-7687
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-7687
CVE Details	https://www.cvedetails.com/cve/CVE-2026-7687/

◂ Zurück Übersicht Weiter ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!