CVE-2026-4503

· NIST NVD ↗

IBM Langflow Desktop 1.0.0 through 1.8.4 Langflow could allow an unauthenticated user to view other users' images due to an indirect object reference through a user-controlled key.

HIGH
CVSS severity
7.5
CVSS base score
2026-04-30
Published

CWE codes

CWE-639

Affected products

langflow:langflow_desktop

Sources