CVE-2026-6600 | langflow-ai langflow up to 1.8.3 Frontend React Component Rendering edit-message.tsx cross site scripting

A vulnerability, which was classified as problematic, was found in langflow-ai langflow up to 1.8.3. This affects an unknown function of the file src/frontend/src/modals/IOModal/components/chatView/chatMessage/components/edit-message.tsx of the component Frontend React Component Rendering. Executing a manipulation can lead to cross site scripting.

The identification of this vulnerability is CVE-2026-6600. The attack may be launched remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-6600 | langflow-ai langflow up to 1.8.3 Frontend React Component Rendering edit-message.tsx cross site scripting

Post correlati

CVE-2024-53742 | Prism I.T. Systems Multilevel Referral Affiliate Plugin for WooCommerce cross site scripting

CVE-2026-40458 | PAC4J up to 5.7.9/6.4.0 String.hashCode cross-site request forgery

CVE-2025-71127 | Linux Kernel up to 6.1.159/6.6.119/6.12.64/6.18.3/6.19-rc3 mac80211 privilege escalation

CVE-2026-4432 | YITH WooCommerce Wishlist Plugin up to 4.12.x on WordPress AJAX /wishlist/ save_title authorization