Loading market data...
← Back to CVE feed

CVE-2026-12822

MEDIUM CVSS 5.3 View on NVD ↗

Description

A vulnerability was identified in langflow-ai langflow up to 1.9.3. This affects an unknown function of the component Bundle URL Loader. The manipulation leads to code injection. The attack needs to be performed locally. The vendor was contacted early about this disclosure but did not respond in any way.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Published: Jun 22, 2026 00:16 UTC Modified: Jun 22, 2026 00:16 UTC