PatchSiren cyber security CVE debrief
CVE-2026-3341 IBM CVE debrief
CVE-2026-3341 is a server-side request forgery (SSRF) vulnerability in IBM Langflow Desktop 1.0.0 through 1.9.2. An authenticated attacker could send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. The vulnerability has a CVSS score of 5.4 and a severity of MEDIUM.
- Vendor
- IBM
- Product
- Langflow Desktop
- CVSS
- MEDIUM 5.4
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-11
- Original CVE updated
- 2026-06-11
- Advisory published
- 2026-06-11
- Advisory updated
- 2026-06-11
Who should care
Users of IBM Langflow Desktop 1.0.0 through 1.9.2 should apply patches or mitigations to prevent exploitation of this vulnerability.
Technical summary
The vulnerability is caused by a lack of proper validation of requests sent to the IBM Langflow Desktop system. This allows an authenticated attacker to send unauthorized requests, potentially leading to network enumeration or facilitating other attacks.
Defensive priority
MEDIUM
Recommended defensive actions
- Apply patches or mitigations provided by IBM to prevent exploitation of this vulnerability.
- Restrict access to the IBM Langflow Desktop system to only trusted users and networks.
- Monitor system logs for suspicious activity.
Evidence notes
The CVE record was obtained from the official CVE.org website [cve-org]. Additional information was obtained from the NVD detail page [nvd] and the IBM support page [ref-4].
Official resources
-
CVE-2026-3341 CVE record
CVE.org
-
CVE-2026-3341 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
CVE-2026-3341 was published on 2026-06-11T16:16:22.770Z and modified on 2026-06-11T20:56:29.653Z.