CVE-2026-3357
Deserialization Vulnerability in IBM Langflow Enables Code Execution
Publication date: 2026-04-08
Last updated on: 2026-04-14
Assigner: IBM Corporation
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| langflow | langflow | From 1.6.0 (inc) to 1.8.3 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-502 | The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid. |
Attack-Flow Graph
AI Powered Q&A
How can this vulnerability impact me? :
This vulnerability can have severe impacts because it allows an authenticated attacker to execute arbitrary code on the affected system.
Since the attacker gains the backend service's privileges, they could potentially take full control of the system, leading to unauthorized access, data theft, data corruption, or disruption of services.
The CVSS score indicates high impact on confidentiality, integrity, and availability, meaning sensitive data could be exposed or altered, and system operations could be interrupted.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
There are no specific detection commands or network/system detection methods provided for this vulnerability.
What immediate steps should I take to mitigate this vulnerability?
IBM recommends remediating this vulnerability by upgrading IBM Langflow Desktop to version 1.8.3 or later.
No workarounds or mitigations are available other than upgrading.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability allows an authenticated attacker to execute arbitrary code on the system, leading to a high impact on confidentiality, integrity, and availability of data.
Such a compromise could potentially lead to unauthorized access or manipulation of sensitive data, which may affect compliance with standards and regulations like GDPR and HIPAA that require protection of personal and health information.
However, the provided information does not explicitly state the direct impact on compliance with these standards.
Can you explain this vulnerability to me?
The CVE-2026-3357 vulnerability affects IBM Langflow Desktop versions 1.6.0 through 1.8.2, specifically in the FAISS Vector Store component used for retrieval-augmented generation workflows.
The issue is caused by an insecure default setting that allows unsafe deserialization of untrusted Python Pickle data. This means that an authenticated attacker can upload a maliciously crafted Pickle file and configure the component to load it.
Exploiting this vulnerability enables the attacker to execute arbitrary code on the system with the backend service's privileges, effectively allowing remote code execution.
This vulnerability is classified under CWE-502 (Deserialization of Untrusted Data) and has a high severity score (CVSS v3.1 base score of 8.8).