PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-12822 langflow-ai CVE debrief

CVE-2026-12822 is a low-severity vulnerability in langflow-ai langflow up to 1.9.3. The issue affects an unknown function of the Bundle URL Loader component and allows code injection. The attack requires local access. The vendor, langflow-ai, was contacted but did not respond. Given the low CVSS score of 1.9, this issue is a relatively low priority. Defenders should nonetheless assess their exposure and take steps to limit potential risk.

Vendor
langflow-ai
Product
langflow
CVSS
LOW 1.9
CISA KEV
Not listed in stored evidence
Original CVE published
2026-06-22
Original CVE updated
2026-06-22
Advisory published
2026-06-22
Advisory updated
2026-06-22

Who should care

Defenders responsible for systems using langflow-ai langflow up to 1.9.3 should assess their exposure to this vulnerability. Although the CVSS severity is low, local code injection can still pose risks, especially in environments with untrusted local users. Reviewing system configurations, ensuring proper access controls, and monitoring for suspicious activity are prudent steps.

Technical summary

The vulnerability CVE-2026-12822 affects langflow-ai langflow up to version 1.9.3. It is located in the Bundle URL Loader component and allows code injection. The CVSS score is 1.9, indicating low severity. The vulnerability is categorized under CWE-74 (improper neutralization of special elements in output used by a downstream component, i.e. injection) and CWE-94 (improper control of generation of code). The attack vector requires local access (AV:L), and the impact on confidentiality, integrity and availability is rated low (VC:L, VI:L, VA:L).

Defensive priority

Low priority, because the attack requires local access and the CVSS score is low, but it still warrants attention in multi-user environments.

Recommended defensive actions

  • Inventory systems using langflow-ai langflow up to 1.9.3 to assess exposure.
  • Review and limit access to the Bundle URL Loader component.
  • Monitor for suspicious activity indicating potential code injection attempts.
  • Consider upgrading to a version beyond 1.9.3 if available.
  • Review system configurations for proper access controls.

Evidence notes

The primary evidence for CVE-2026-12822 comes from VulDB and NVD. The vulnerability affects langflow-ai langflow up to 1.9.3. The available evidence indicates that the vendor did not respond to disclosure. The affected product, version and scope still need to be verified against official sources.

Official resources

This article is AI-assisted and based on the supplied source corpus.