{"base": "http://127.0.0.1:7860", "name": "cve-2026-10129-direct-ctrl", "login_status": 200, "auth_mode": "bearer", "attacker_whoami_status_before": 200, "attacker_user_id": "a4905877-7864-4a57-83ee-d3f1d43da8b3", "attacker_is_superuser_before": true, "lowpriv_admin_list_status_before": 200, "lowpriv_admin_list_body_before": "{\"total_count\":2,\"users\":[{\"id\":\"7f890ffb-f36d-4d3a-b08b-f042915f1d69\",\"username\":\"admin\",\"profile_image\":null,\"store_api_key\":null,\"is_active\":true,\"is_superuser\":true,\"create_at\":\"2026-07-05T09:38:39.302271\",\"updated_at\":\"2026-07-05T09:39:23.436992", "flow_id": "566403a0-6994-4475-afa8-4b2c66b09f5e", "build_status": 200, "events_bytes": 12807, "marker_found": false, "ssrf_blocked": true, "reached_internal": false, "stolen_admin_token_found": false, "stolen_admin_token_redacted": "", "privilege_escalation_observed": false, "snippet": "uest\", \"sender_name\": \"API Request\", \"session_id\": \"566403a0-6994-4475-afa8-4b2c66b09f5e\", \"context_id\": null, \"text\": \"SSRF Protection: Hostname 127.0.0.1 resolves to blocked IP address(es): 127.0.0.1. To allow this hostname, add it to LANGFLOW_SSRF_ALLOWED_HOSTS environment variable.\\n\", \"files\": [], \"error\": false, \"edit\": false, \"properties\": {\"text_color\": \"red\", \"background_color\": \"red\", \"edited\": false, \"sour"}
