CVE-2026-13448 | IBM Langflow up to 1.10.1 Public Flow Build Endpoint /api/v1/build_public_tmp validate_public_flow_no_code_execution incomplete blacklist
A vulnerability was found in IBM Langflow up to 1.10.1. It has been declared as critical. Affected by this issue is the function validate_public_flow_no_code_execution of the file /api/v1/build_public_tmp of the component Public Flow Build Endpoint. Such manipulation leads to incomplete blacklist.
This vulnerability is uniquely identified as CVE-2026-13448. The attack can be launched remotely. No exploit exists.VulDB Recent EntriesRead More