CVE-2026-9135 | IBM Langflow up to 1.10.0 Policies Flow.data node_template[“code”] code injection
A vulnerability was found in IBM Langflow up to 1.10.0. It has been classified as critical. This affects an unknown part of the file Flow.data of the component Policies. This manipulation of the argument node_template[“code”] causes code injection.
The identification of this vulnerability is CVE-2026-9135. It is possible to initiate the attack remotely. There is no exploit available.VulDB Recent EntriesRead More