A vulnerability categorized as critical has been discovered in IBM Langflow OSS up to 1.10.0. Impacted is the function
auto_login of the file /api/v1/login/auto_login of the component Auto Login Endpoint. Executing a manipulation can lead to improper authentication.
This vulnerability is tracked as CVE-2026-9103. The attack can be launched remotely. No exploit exists.