CVE-2026-7524

CRITICAL NVD

CVSS Score 9.8

Severity CRITICAL

Published May 27, 2026

Vendor unknown

Description

IBM Langflow OSS 1.0.0 through 1.9.1 could allow remote code execution due to improper validation of symbolic links during archive extraction.