CVE-2026-3357
Published: 08 April 2026
Summary
CVE-2026-3357 is a high-severity Deserialization of Untrusted Data (CWE-502) vulnerability in Langflow Langflow. Its CVSS base score is 8.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked in the top 29.5% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 CM-6 (Configuration Settings) and SI-2 (Flaw Remediation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Timely flaw remediation through vendor patches directly addresses and corrects the insecure deserialization vulnerability in the FAISS component.
Establishing and enforcing secure configuration settings mitigates the insecure default that permits deserialization of untrusted data.
Information input validation helps prevent the processing of malicious serialized data that exploits the deserialization flaw.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
The vulnerability allows remote arbitrary code execution via unsafe deserialization by a low-privileged authenticated user, directly enabling Exploitation for Privilege Escalation (T1068) and Exploitation of Remote Services (T1210).
NVD Description
IBM Langflow Desktop 1.6.0 through 1.8.2 Langflow could allow an authenticated user to execute arbitrary code on the system, caused by an insecure default setting which permits the deserialization of untrusted data in the FAISS component.
Deeper analysisAI
CVE-2026-3357 affects IBM Langflow Desktop versions 1.6.0 through 1.8.2, where an insecure default setting in the FAISS component permits the deserialization of untrusted data. This vulnerability enables an authenticated user to execute arbitrary code on the system and is classified under CWE-502 (Deserialization of Untrusted Data). It carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high severity due to its network accessibility, low attack complexity, and significant impacts across confidentiality, integrity, and availability.
An authenticated user with low privileges can exploit this issue remotely by providing malicious input that triggers unsafe deserialization in the FAISS component. No user interaction is required, allowing the attacker to achieve arbitrary code execution on the targeted system, potentially leading to full compromise.
IBM provides details on mitigations and patches in their security advisory at https://www.ibm.com/support/pages/node/7268428.
Details
- CWE(s)