CVE-2026-7664

CRITICAL

Unauthenticated Flow Execution via Webhook Endpoint in Langflow OSS

Title source: cna
STIX 2.1

Description

IBM Langflow OSS 1.0.0 through 1.8.4 could allow unauthenticated attackers to access protected MCP project resources and execute MCP operations due to improper authorization enforcement in the Streamable MCP transport endpoint.

References (1)

Core 1
Core References
Vendor Advisory vendor-advisory patch
https://www.ibm.com/support/pages/node/7277243

Scores

CVSS v3 9.8
EPSS 0.0028
EPSS Percentile 19.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact total

Details

CWE
CWE-287
Status published
Products (2)
IBM/Langflow OSS 1.0.0 - 1.8.4
langflow/langflow 1.0.0 - 1.8.4
Published Jun 22, 2026
Tracked Since Jun 22, 2026