Product
IBM Langflow Desktop versions 1.0.0 through 1.8.4 are vulnerable to an indirect object reference (IDOR) vulnerability (CVE-2026-4503), allowing unauthenticated users to view other users' images due to a user-controlled key.