CVE-2026-3346 - Stored Cross-Site Scripting (XSS) in Langflow Markdown Rendering via rehypeRaw
CVE ID :CVE-2026-3346 Published : April 30, 2026, 9:16 p.m. | 44 minutes ago Description :IBM Langflow Desktop 1.6.0 through 1.8.4 Lanflow is vulnerable to stored cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus alterin
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] Former incident responders sentenced to 4 years in prison for committing ransomware attacks
- [CYBER] New Linux 'Copy Fail' Vulnerability Enables Root Access On Major Distros
- [CYBER] Email security help - KnowBe4 vs Abnormal/Sublime?
- [CYBER] 'It quickly becomes an efficient and economically feasible solution': This wild saltwater hack could make data centers cooler, cheaper, and unexpectedly water-positive
- [CYBER] CVE-2026-1577 - IBM® Db2® is vulnerable to a denial of service with a specially crafted query involving multiple subqueries
- [CYBER] CVE-2025-36122 - IBM® Db2® is vulnerable to a denial of service with a specially crafted query when stmtheap is set to automatic