CVE-2026-7754
IBM Langflow OSS 1.0.0 through 1.10.0 Langflow 1.9.0 could allow server-side request forgery (SSRF) due to insecure default configuration an
CVSS
7.7
High
EPSS
—
KEV
—
Exploit Today
—
0-100
Published: Jul 17, 2026 · Last modified: Jul 17, 2026
Not enough EPSS history yet.
IBM Langflow OSS 1.0.0 through 1.10.0 Langflow 1.9.0 could allow server-side request forgery (SSRF) due to insecure default configuration and incomplete enforcement of the SSRF protection mechanism.
No related CVEs by CWE or product.