Description
IBM Langflow Desktop 1.6.0 through 1.8.4 Lanflow is vulnerable to stored cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Published: 2026-04-30
Score: 6.4 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

IB Langflow Desktop 1.6.0 through 1.8.4 contains a stored cross‑site scripting vulnerability that allows an authenticated user to embed arbitrary JavaScript code in the web UI via markdown rendering. The flaw is a classic stored XSS, classified as CWE‑89, which can compromise confidentiality by exposing credentials stored in a trusted session.

Affected Systems

IBM Langflow Desktop versions 1.6.0 through 1.8.4 are impacted. The vulnerability arises when users create or edit markdown content that is rendered unsanitized by the rehypeRaw processor.

Risk and Exploitability

The CVSS score of 6.4 indicates a moderate severity. While an EPSS score is not available, the attack vector requires an authenticated user to first compromise the application, then embed malicious content that later triggers when other users view it. Because the exploit is stored, anyone who loads the affected content could be exposed. The vulnerability is not listed in the CISA KEV catalog, but the potential for credential theft warrants prompt mitigation.

Generated by OpenCVE AI on May 2, 2026 at 00:15 UTC.

Remediation

Vendor Solution

IBM recommends addressing the vulnerability now by upgrading to IBM Langflow Desktop 1.9.0 or newer https://www.langflow.org/blog/langflow-1-8-desktopIf you are already using Langflow Desktop, upgrade in the application to version 1.9.0To install Langflow Desktop for the first time, visit Download Langflow Desktop.

OpenCVE Recommended Actions

  • Upgrade IBM Langflow Desktop to version 1.9.0 or later to eliminate the vulnerable markdown processor
  • Configure the application to remove or replace the rehypeRaw processor, ensuring that raw HTML is sanitized or stripped from markdown content
  • Restrict the ability to create or edit markdown to trusted users only and conduct regular audits of stored content for suspicious scripts

Generated by OpenCVE AI on May 2, 2026 at 00:15 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 01 May 2026 17:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 30 Apr 2026 21:15:00 +0000

Type Values Removed Values Added
Description IBM Langflow Desktop 1.6.0 through 1.8.4 Lanflow is vulnerable to stored cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Title Stored Cross-Site Scripting (XSS) in Langflow Markdown Rendering via rehypeRaw
First Time appeared Ibm
Ibm langflow Desktop
Weaknesses CWE-89
CPEs cpe:2.3:a:ibm:langflow_desktop:1.6.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:langflow_desktop:1.8.4:*:*:*:*:*:*:*
Vendors & Products Ibm
Ibm langflow Desktop
References
Metrics cvssV3_1

{'score': 6.4, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N'}

Subscriptions

Ibm Langflow Desktop
cve-icon MITRE

Status: PUBLISHED

Assigner: ibm

Published:

Updated: 2026-05-01T16:38:14.702Z

Reserved: 2026-02-27T16:11:36.537Z

Link: CVE-2026-3346

cve-icon Vulnrichment

Updated: 2026-05-01T16:38:09.359Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-04-30T21:16:32.610

Modified: 2026-05-01T15:27:15.287

Link: CVE-2026-3346

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-02T00:30:16Z

Weaknesses