{"vulnerability": "cve-2026-10561", "sightings": [{"uuid": "cca50acb-8698-40a5-b2a2-f6be81f07e0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10561", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3movakaqy3q2m", "content": "CVE-2026-10561 - Unauthenticated Remote Code Execution in Langflow OSS PythonREPLComponent via Builtins Injection\nCVE ID : CVE-2026-10561\n \n Published : June 22, 2026, 1:22 p.m. | 2\u00a0hours, 21\u00a0minutes ago\n \n Description : IBM Langflow OSS 1.0.0 through 1.9.3 has an vulnerabilit...", "creation_timestamp": "2026-06-22T15:52:17.216940Z"}, {"uuid": "6d3a191d-11c8-49bb-bf00-0334554ac054", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10561", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116794133423406732", "content": "A new vulnerability with increased severity was disclosed for IBM Langflow OSS (CVE-2026-10561) https://vuldb.com/vuln/372672", "creation_timestamp": "2026-06-22T14:04:10.819432Z"}, {"uuid": "bda7b1c6-0e9d-43f5-9fb2-c9d5db2ee5d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-10561", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116794354131566974", "content": "IBM Langflow OSS v1.0.0 \u2013 1.9.3 hit by CRITICAL code injection (CVE-2026-10561, CVSS 10). Auth bypass enables unauth'd RCE & total compromise. No patch yet \u2014 track IBM advisories for updates. https://radar.offseq.com/threat/cve-2026-10561-cwe-94-improper-control-of-generati-066ce4d0e72e70d2 #OffSeq #Infosec #CVE202610561", "creation_timestamp": "2026-06-22T15:00:15.139173Z"}, {"uuid": "4a41ff7b-4053-4ecd-916a-dec10509cf77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-10561", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mov5n7s5ms2m", "content": "CRITICAL code injection in IBM Langflow OSS (1.0.0 \u2013 1.9.3): CVE-2026-10561 enables unauthenticated RCE. No patch yet \u2014 monitor IBM advisories. https://radar.offseq.com/threat/cve-2026-10561-cwe-94-improper-control-of-generati-066ce4d0e72e70d2 #OffSeq #Vuln #CVE202610561", "creation_timestamp": "2026-06-22T15:00:15.896902Z"}, {"uuid": "f32c1847-8130-43e3-8cde-503072df441a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10561", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3movcuf36ud2y", "content": "CVE-2026-10561 - Unauthenticated Remote Code Execution in Langflow OSS PythonREPLComponent via Builtins Injection\nCVE ID : CVE-2026-10561\n \n Published : June 22, 2026, 1:22 p.m. | 1\u00a0hour, 48\u00a0minutes ago\n \n Description : IBM Langflow OSS 1.0.0 through 1.9.3 has an vulnerability...", "creation_timestamp": "2026-06-22T16:33:44.652960Z"}]}