LOW
langflow-ai
CVE published 2026-06-22
CVE-2026-12822
CVE-2026-12822 is a low-severity vulnerability in langflow-ai langflow up to 1.9.3. The issue affects an unknown function of the Bundle URL Loader component, allowing for code injection. The attack requires local access. The vendor, langflow-ai, was contacted but did not respond. Given the low CVSS score of 1.9, this issue has a relatively low priority posture. However, defenders should still assess their [truncated]