External risk intelligence

IBM Langflow OSS Missing Authentication Information Disclosure and Denial of Service

CVE advisorySeverity: CRITICAL (CVSS 9.1)

CVE-2026-10560

The vulnerability resides in a publicly accessible API endpoint of Langflow, which is commonly deployed as a web application or service interface. Since the affected endpoints are designed to interact with build processes over a network and do not require authentication, they are frequently reachable when the application is hosted in a standard web-facing configuration.

Authentication Bypass

Langflow

1.0.0 to 1.9.6

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

External exposure likelihood

Horizon Alert

Summary of the vulnerability and why it matters

IBM Langflow OSS, used in build processes, has a vulnerability that could allow unauthorized access to sensitive build data or disruption of services, impacting information confidentiality and system availability.

  • Unauthenticated users can access build data or cancel jobs.
  • It could expose build information or disrupt operations.
  • Confirm if this tool is in use and assess potential exposure.

Attack Path

How an attacker could exploit the issue

An unauthenticated attacker can reach a specific API endpoint in Langflow over the network. By providing a valid job identifier, the attacker can access build event data or cancel ongoing jobs, leading to the disclosure of sensitive information and a denial-of-service condition.

  • No authentication needed for access.
  • Attackers can query build events or cancel jobs.
  • Information disclosure and denial of service.

Live Threat

Current exploitation, exposure, and threat context

This vulnerability could expose build event data and allow for job cancellations, impacting the integrity and availability of the build process when these specific API endpoints are accessible.

  • Build event data may be disclosed.
  • Unauthenticated access to API endpoints.
  • Information disclosure and service disruption.

Operational Fix

Recommended remediation, mitigation, and detection steps

This vulnerability affects IBM Langflow OSS, impacting its API endpoints used for build processes. Application owners or platform teams are likely responsible for managing Langflow deployments and should initiate the first steps by identifying all instances of the affected technology, assessing their reachability and business criticality, and confirming the accountable owner. This will inform a risk-based remediation plan, which may involve vendor coordination or other mitigation strategies.

  • Identify affected Langflow instances.
  • Confirm exposure and critical business impact.
  • Plan remediation with accountable owners.

Supplementary metadata

Validate whether this threat affects your internet-facing exposure.

Halo Threat Intelligence helps prioritize remediation with Halo Surface Signal and H/A/L/O context. Start exposure validation with a free external attack surface trial.

Frequently asked questions

What is IBM Langflow OSS?

Langflow is an open-source tool used to build and manage workflows, particularly for data processing and AI applications. It provides a visual interface for constructing these pipelines and includes API endpoints to handle build operations and job management.

What does CVE-2026-10560 mean for security?

This vulnerability is classified as Improper Authentication (CWE-287). It means the software fails to verify who is requesting data, allowing anyone with network access to interact with specific build management functions without logging in.

How does an attacker trigger this vulnerability?

An attacker can reach specific API endpoints—specifically those managing public build information—and send requests to read data or stop jobs. The flaw is not triggered if the attacker lacks a valid job identifier, as they must provide one to successfully query or cancel a specific task.

Is my Langflow deployment at risk?

Halo Surface Signal indicates the risk is likely because these API endpoints are designed to be network-accessible. If your Langflow instance is hosted as a web-facing service, it is highly probable that these endpoints are reachable by unauthorized parties over the internet.

What should I do if I run Langflow?

Start by auditing your network environment to locate all running instances of Langflow. Determine if these instances are accessible to unauthorized users, identify who owns each deployment, and assess how critical the build data is to your operations so you can prioritize necessary security updates.

References