Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2026-10560

IBM Langflow OSS 1.0.0 through 1.9.6 contains a missing authentication vulnerability in /api/v1/build_public_tmp/ endpoints that allows an unauthenticated attacker to read build event data or cancel jobs using a valid job identifier, resulting in information disclosure and denial of service.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 19.0%
CVSS Severity
CVSS v3 Score 8.2
Products affected by CVE-2026-10560


Contact Us

Shodan ® - All rights reserved