CVE-2026-7700 | langflow-ai langflow up to 1.8.4 LambdaFilterComponent lambda_filter.p eval code injection

A vulnerability was found in langflow-ai langflow up to 1.8.4 and classified as critical. This affects the function eval of the file src/lfx/src/lfx/components/llm_operations/lambda_filter.p of the component LambdaFilterComponent. Executing a manipulation can lead to code injection.

This vulnerability appears as CVE-2026-7700. The attack may be performed from remote. In addition, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-7700 | langflow-ai langflow up to 1.8.4 LambdaFilterComponent lambda_filter.p eval code injection

Post correlati

CVE-2024-24789 | Google Go up to 1.21.10/1.22.3 archive-zip information disclosure

CVE-2024-22200 | vantage6-UI up to 4.1.x Nginx information disclosure (GHSA-8wxq-346h-xmr8)

CVE-2026-3839 | Unraid 6.8.0/7.0.0/7.0.1 path traversal

CVE-2024-34217 | Totolink CP450 4.1.0cu.747_B20191224 addWlProfileClientMode stack-based overflow