CVE-2026-7871

IBM Langflow OSS Remote Code Execution via Redis Access

Vulnerability report for CVE-2026-7871, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-06-30

Last updated on: 2026-06-30

Assigner: IBM Corporation

Description

IBM Langflow OSS 1.0.0 through 1.10.0 allows users with Redis access to execute arbitrary code with full application privileges, compromising all secrets, data, and system integrity.

CVSS Scores

Base score: 9.8 (see Executive Summary)

EPSS Scores

Probability: not yet evaluated
Percentile: not yet evaluated
Meta Information

Published: 2026-06-30
Last Modified: 2026-06-30
Generated: 2026-07-01
AI Q&A: 2026-06-30
EPSS Evaluated: N/A
External references: NVD, EUVD

Affected Vendors & Products

One associated CPE:

Vendor: ibm
Product: langflow_oss
Version / Range: 1.0.0 (inclusive) through 1.10.0 (inclusive)

Exploitability

CWE: CWE-502, Deserialization of Untrusted Data. The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.
KEV: no entry shown

Attack-Flow Graph (interactive graph, not reproduced in text)

AI Quick Actions (AI-generated analysis)
Executive Summary

CVE-2026-7871 is a deserialization vulnerability in the Redis cache backend used by IBM Langflow OSS versions 1.0.0 through 1.10.0. Anyone who can write to the Redis instance that backs the cache can plant a crafted serialized value and have it executed with the full privileges of the Langflow process. The advisory's precondition is simply "Redis access": a remote attacker reaching an unauthenticated Redis over the network qualifies, but so does any other process or tenant that shares the instance.

This happens because the cache service passes cached values straight to the Python function `dill.loads()` without checking who wrote them or whether they have been altered. `dill` extends the standard `pickle` module and inherits its object-reconstruction model: the byte stream names callables and their arguments, and loading it invokes them. A crafted value therefore runs attacker-chosen code as a side effect of being read from the cache; no further bug in Langflow is needed.

The vulnerability is rated critical, with a CVSS base score of 9.8, and is tracked under CWE-502 (Deserialization of Untrusted Data).

IBM fixed this issue by adding HMAC-SHA256 signature verification to all cached values: the cache now deserializes a payload only if its tag was produced with the server secret. The check is only as strong as the secrecy of that key. An attacker who obtains the secret as well as Redis access can still sign arbitrary payloads, so the secret must be kept out of the cache and out of any location the same principals can read.

Impact Analysis

This vulnerability can have a critical impact because it allows attackers to execute arbitrary code with full application privileges.

As a result, attackers can compromise all secrets, data, and the integrity of the system running Langflow OSS.

This could lead to unauthorized data access, data manipulation, system takeover, and potentially further attacks within the affected environment.

Detection Guidance

Exploitation consists of writing a crafted serialized value into the Redis database that backs the Langflow cache and waiting for the application to read it. Detection therefore centres on two questions: who can write to Redis, and what is being written.

On the access side, alert on Redis connections from unexpected source addresses, on authentication failures if Redis authentication is enabled, and on any client other than the Langflow workers issuing write commands (`SET`, `SETEX`, `MSET` and similar) against the cache keyspace. Redis's `MONITOR` command and keyspace notifications expose this traffic in real time, at the cost of extra load on the server.

On the content side, the vulnerability is triggered by `dill.loads()` with no integrity check, so a value that decodes as a pickle stream and references importable callables such as `os.system` or `subprocess.check_output` is a strong signal; legitimate cache entries should rarely reference such modules. Values can be inspected statically with the standard library's `pickletools` without loading them. Once the fixed release is deployed, entries that fail HMAC verification should also be logged, since each failure is a tampered or foreign value.

The available resources do not name specific detection commands or tools beyond this.
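The content-side check can be made concrete without ever calling `loads()`. The following is an added example, not code from this page or from Langflow: it walks each cached value's pickle opcodes with the standard library's `pickletools.genops` and reports which modules and callables the stream would import when loaded, flagging references to modules such as `os` and `subprocess`. `dill` output is pickle-compatible at the opcode level, so the same walk applies to a Langflow cache. The `DANGEROUS_MODULES` list, the `SAMPLE_CACHE` contents and the `_Gadget` payload are all constructed for the example; a real run would iterate `scan_iter()` and `get()` on a redis-py client instead of a dict.

```python
import datetime
import pickle
import pickletools
import subprocess  # imported only so a constructed payload can reference it; nothing here runs it

# Modules a cache entry has no business importing when loaded (assumption: tune per deployment).
DANGEROUS_MODULES = {"os", "posix", "nt", "subprocess", "builtins", "sys", "importlib",
                     "socket", "shutil", "pty", "ctypes", "code", "runpy"}
STRING_OPS = {"SHORT_BINUNICODE", "BINUNICODE", "BINUNICODE8", "UNICODE",
              "STRING", "SHORT_BINSTRING", "BINSTRING"}
GET_OPS = {"BINGET", "LONG_BINGET", "GET"}
PUT_OPS = {"BINPUT", "LONG_BINPUT", "PUT"}
NO_PUSH = PUT_OPS | {"MEMOIZE", "FRAME", "PROTO"}   # opcodes that push nothing on the stack
CALL_OPS = {"REDUCE", "NEWOBJ", "NEWOBJ_EX", "OBJ", "INST", "BUILD"}  # opcodes that invoke code


def looks_like_pickle(raw: bytes) -> bool:
    """Protocol 2+ streams start with PROTO (0x80) followed by the version byte."""
    return len(raw) >= 2 and raw[0] == 0x80 and 2 <= raw[1] <= 5


def analyze(raw: bytes):
    """Walk the opcodes without loading. Returns (imports, call_count): every (module, name)
    the stream would import, and how many opcodes would invoke a callable."""
    imports, calls, memo, pushed = [], 0, {}, []
    for op, arg, _pos in pickletools.genops(raw):
        name = op.name
        if name in STRING_OPS:
            pushed.append(arg)
        elif name in GET_OPS:
            pushed.append(memo.get(arg))          # memo lookup may re-push an earlier string
        elif name == "MEMOIZE":
            memo[len(memo)] = pushed[-1] if pushed else None
        elif name in PUT_OPS:
            memo[arg] = pushed[-1] if pushed else None
        elif name in ("GLOBAL", "INST"):
            module, attr = arg.split(" ", 1)      # pickletools renders the pair as "module name"
            imports.append((module, attr))
        elif name == "STACK_GLOBAL":
            # Operands are the two most recently pushed strings (possibly via memo lookups).
            if len(pushed) >= 2 and isinstance(pushed[-2], str) and isinstance(pushed[-1], str):
                imports.append((pushed[-2], pushed[-1]))
        if name in CALL_OPS:
            calls += 1
        if name not in NO_PUSH and name not in STRING_OPS and name not in GET_OPS:
            pushed.append(None)                   # approximation: other opcodes push non-strings
    return imports, calls


def scan_value(key: str, raw: bytes) -> dict:
    finding = {"key": key, "is_pickle": looks_like_pickle(raw), "imports": [],
               "dangerous": [], "calls": 0, "error": None}
    if not finding["is_pickle"]:
        return finding
    try:
        finding["imports"], finding["calls"] = analyze(raw)
    except Exception as exc:   # genops raises ValueError and subclasses on malformed streams
        finding["error"] = f"{type(exc).__name__}: {exc}"
        return finding
    finding["dangerous"] = [ref for ref in finding["imports"]
                            if ref[0].split(".")[0] in DANGEROUS_MODULES]
    return finding


def suspicious(finding: dict) -> bool:
    """Alert rule: a dangerous import, or a value that claims to be a pickle but does not parse."""
    return bool(finding["dangerous"]) or finding["error"] is not None


def scan_cache(cache) -> list:
    """Scan every key of a key -> bytes mapping (a dict here; a Redis client in practice)."""
    return [scan_value(k, v) for k, v in sorted(cache.items())]


class _Gadget:
    """Constructed attacker payload; it is serialized below but never loaded."""

    def __reduce__(self):
        return (subprocess.check_output, (["id"],))


# Constructed sample keyspace: two ordinary entries, one gadget, one non-pickle value.
SAMPLE_CACHE = {
    "flow:1": pickle.dumps({"nodes": ["a", "b"], "version": 2}),
    "flow:2": pickle.dumps(_Gadget()),
    "flow:3": pickle.dumps(datetime.datetime(2026, 6, 30)),
    "session:4": b"opaque-session-token",
}

if __name__ == "__main__":
    for f in scan_cache(SAMPLE_CACHE):
        print(f["key"], "SUSPICIOUS" if suspicious(f) else "ok", f["imports"], f["error"])
```

A hit on `subprocess.check_output` is unambiguous; the `datetime.datetime` reference is what an ordinary cached object looks like and is reported but not flagged. Langflow caches arbitrary Python objects, so expect legitimate references to its own modules and allow-list them rather than alerting on every `REDUCE`.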

Mitigation Strategies

The primary mitigation is to upgrade IBM Langflow OSS to version 1.10.1 or later, where the vulnerability has been addressed.

The fix implements HMAC-SHA256 signature verification on all cached values, so that only payloads signed with the server secret are deserialized.

The vendor lists no workaround, so upgrading is the immediate action. Until the upgrade is applied, general Redis hardening reduces exposure without removing the vulnerable code path: bind Redis to a private interface, require authentication (`requirepass` or Redis ACLs), enable TLS, and do not share the instance with workloads that are less trusted than Langflow itself. After upgrading, treat the server secret as a credential, since anyone holding it can sign payloads that the fixed cache will accept.
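The two readers below are an added example, not Langflow's code, written to show the before and after that the executive summary and the fix description above describe. The standard `pickle` module stands in for `dill`, which extends it and shares the reduce-based loading that executes callables named in the stream; `FakeRedis` stands in for a Redis client; the secret, key names and the `BenignGadget` payload are constructed for the demonstration. The hardened reader also binds the cache key into the MAC input, an addition beyond what the page says the fix does.

```python
import hashlib
import hmac
import pickle
import sys

# All values below are constructed for this example.
SERVER_SECRET = b"constructed-example-secret-do-not-reuse"  # hypothetical server secret
ATTACKER_GUESS = b"wrong-secret"                             # the attacker does not hold the real one
TAG_LEN = hashlib.sha256().digest_size                        # 32-byte HMAC-SHA256 tag
MARKER_LIMIT = 7777                                           # observable side effect of the gadget


class FakeRedis(dict):
    """Stand-in for a redis-py client: a key -> bytes mapping with get/set."""

    def set(self, key: str, value: bytes) -> None:
        self[key] = value


class BenignGadget:
    """Stand-in attacker payload. Loading it calls sys.setrecursionlimit(MARKER_LIMIT),
    which is harmless but observable; a real payload would name os.system instead."""

    def __reduce__(self):
        return (sys.setrecursionlimit, (MARKER_LIMIT,))


def vulnerable_get(redis: FakeRedis, key: str):
    """Pre-fix behaviour (CWE-502): whatever sits in Redis is deserialized as-is.
    pickle stands in for dill; both execute the callables the stream names."""
    raw = redis.get(key)
    return None if raw is None else pickle.loads(raw)


def _mac(secret: bytes, key: str, payload: bytes) -> bytes:
    # Binding the cache key into the MAC input goes beyond the page's description of the
    # fix: it stops a validly signed value for one key being replayed under another key.
    return hmac.new(secret, key.encode() + b"\0" + payload, hashlib.sha256).digest()


def signed_set(redis: FakeRedis, key: str, value, secret: bytes) -> None:
    """Application-side write: tag || serialized value."""
    payload = pickle.dumps(value)
    redis.set(key, _mac(secret, key, payload) + payload)


def verified_get(redis: FakeRedis, key: str, secret: bytes):
    """Post-fix behaviour: deserialize only after the tag verifies."""
    raw = redis.get(key)
    if raw is None:
        return None
    if len(raw) < TAG_LEN:
        raise ValueError("cache entry too short to carry a tag")
    tag, payload = raw[:TAG_LEN], raw[TAG_LEN:]
    # compare_digest is constant-time, so the tag cannot be guessed byte by byte.
    if not hmac.compare_digest(tag, _mac(secret, key, payload)):
        raise ValueError("cache entry failed HMAC verification; refusing to deserialize")
    return pickle.loads(payload)


def _rejected(fn) -> bool:
    """True if the hardened reader refused the entry before deserializing it."""
    try:
        fn()
        return False
    except ValueError:
        return True


def demo() -> dict:
    """Plant a payload as an attacker with Redis write access; read it both ways."""
    original_limit = sys.getrecursionlimit()
    redis = FakeRedis()
    result = {}

    # Legitimate write and read through the hardened path.
    signed_set(redis, "flow:1", {"nodes": 3}, SERVER_SECRET)
    result["legit_roundtrip"] = verified_get(redis, "flow:1", SERVER_SECRET)

    # Attacker plants a raw serialized gadget under a key the application will read.
    redis.set("flow:2", pickle.dumps(BenignGadget()))
    vulnerable_get(redis, "flow:2")
    result["vulnerable_ran_payload"] = sys.getrecursionlimit() == MARKER_LIMIT
    sys.setrecursionlimit(original_limit)

    # The same entry against the hardened reader: rejected, and the gadget never runs.
    result["unsigned_rejected"] = _rejected(lambda: verified_get(redis, "flow:2", SERVER_SECRET))
    result["hardened_ran_payload"] = sys.getrecursionlimit() == MARKER_LIMIT

    # A tag made with the wrong secret is rejected too.
    signed_set(redis, "flow:3", BenignGadget(), ATTACKER_GUESS)
    result["forged_tag_rejected"] = _rejected(lambda: verified_get(redis, "flow:3", SERVER_SECRET))

    # A genuinely signed entry copied to another key fails because the key is bound.
    redis.set("flow:9", redis["flow:1"])
    result["replay_rejected"] = _rejected(lambda: verified_get(redis, "flow:9", SERVER_SECRET))
    return result


if __name__ == "__main__":
    print(demo())
```

`demo()` reports the unsigned gadget executing through `vulnerable_get()` and every hardened read of attacker-controlled data being rejected before `loads()` runs. The tag check only guards against writers who lack the secret; it does not make `pickle` or `dill` loading safe in general, which is why the secret has to be managed as a credential.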

Compliance Impact

The vulnerability in IBM Langflow OSS allows attackers to execute arbitrary code with full application privileges, compromising all secrets, data, and system integrity.

Such a compromise can lead to unauthorized access and potential exposure of sensitive personal or protected health information, which would negatively impact compliance with standards and regulations like GDPR and HIPAA that require protection of data confidentiality and integrity.

Therefore, this vulnerability poses a significant risk to meeting the security requirements mandated by these regulations.
