CVE-2026-10546 | IBM Langflow OSS up to 1.9.3 url.py server-side request forgery
A vulnerability, which was classified as critical, was found in IBM Langflow OSS up to 1.9.3. This impacts an unknown function of the file src/lfx/src/lfx/components/data_source/url.py. The manipulation results in server-side request forgery.
This vulnerability is reported as CVE-2026-10546. The attack can be launched remotely. No exploit exists.
You should upgrade the affected component.VulDB Recent EntriesRead More