CyberRota
← Ana sayfaya dön

CVE-2026-9202

CRITICAL · CVSS 9.8

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-07-17T18:17:17.490 · Çekilme zamanı: 2026-07-18T00:06:30.891804+00:00

CyberRota Yorumu

Detaylı analiz gerekiyor.

CVE
CVE-2026-9202
Severity
CRITICAL
CVSS
9.8
EPSS
Yok

Orijinal NVD Açıklaması

IBM Langflow OSS 1.0.0 through 1.10.0 allows unauthenticated attackers to create unlimited user accounts on any Langflow instance; when NEW_USER_IS_ACTIVE=true (documented deployment option), newly created accounts are immediately active and can authenticate to reach RCE endpoints, bypassing the need for AUTO_LOGIN.