CVE-2026-13445
Received Received - Intake

Path Traversal in IBM Langflow OSS

Vulnerability report for CVE-2026-13445, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-17

Last updated on: 2026-07-17

Assigner: IBM Corporation

Description

IBM Langflow OSS 1.0.0 through 1.10.1 can allow an authenticated attacker to exploit the SaveToFile component to read and modify another user's uploaded files by specifying absolute paths pointing to victim storage locations. In append mode, the attacker's workflow reads victim file contents, appends attacker-controlled data, and uploads a copy containing victim data to the attacker's namespace (confidentiality breach). In overwrite mode, the attacker can replace victim file contents with arbitrary data (integrity breach). This breaks the storage ownership boundary between users.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-17
Last Modified
2026-07-17
Generated
2026-07-18
AI Q&A
2026-07-18
EPSS Evaluated
N/A
NVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
ibm langflow From 1.0.0 (inc) to 1.10.1 (inc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-639 The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

IBM Langflow OSS versions 1.0.0 through 1.10.1 have a vulnerability where an authenticated attacker can use the SaveToFile component to read or modify files belonging to other users by specifying absolute file paths. This allows attackers to access sensitive data or overwrite files, breaking user storage boundaries.

Detection Guidance

Check for unauthorized file access or modifications in user storage locations. Review logs for SaveToFile component usage with absolute paths. Look for unexpected file uploads containing mixed user data.

Impact Analysis

If you use IBM Langflow OSS in this version range, an attacker with access could read your uploaded files or replace them with malicious content. This could lead to data theft, unauthorized modifications, or further attacks using your compromised files.

Compliance Impact

This vulnerability likely violates GDPR and HIPAA requirements for data confidentiality and integrity. It enables unauthorized access to personal or health data, potentially leading to regulatory fines and legal consequences for non-compliance.

Mitigation Strategies

Disable the SaveToFile component in IBM Langflow OSS. Restrict file path inputs to prevent absolute path usage. Update to a patched version if available. Monitor for suspicious file activities.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-13445. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart