Unauthenticated Flow Execution via Webhook Endpoint in Langflow OSS

9.8 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

IBM Langflow OSS 1.0.0 through 1.8.4 could allow unauthenticated attackers to access protected MCP project resources and execute MCP operations due to improper authorization enforcement in the Streamable MCP transport endpoint.

AI Analysis

Unauthenticated attackers can access protected MCP project resources and execute MCP operations due to improper authorization in the Streamable MCP transport endpoint.

Basic Information

ID CVE-2026-7664

Source ibm

Published Jun 22, 2026 at 14:10

Affected Product

Vendor IBM

Product Langflow OSS

Version 1.0.0

Affected Versions IBM Langflow OSS 1.0.0

CWE Classification

CWE-287

AI Assessment

AI Score 9.8 / 10

AI Severity Critical

Vendor IBM

Product Langflow OSS

Version 1.0.0-1.8.4

References

www.ibm.com /support/pages/node/7277243

{
    "lastseen": "",
    "description": "IBM Langflow OSS 1.0.0 through 1.8.4 could allow unauthenticated attackers to access protected MCP project resources and execute MCP operations due to improper authorization enforcement in the Streamable MCP transport endpoint.",
    "published": "2026-06-22T14:10:25.584Z",
    "modified": "2026-06-22T14:10:25.584Z",
    "type": "cve",
    "title": "Unauthenticated Flow Execution via Webhook Endpoint in Langflow OSS",
    "source": "ibm",
    "references": "https://www.ibm.com/support/pages/node/7277243",
    "id": "CVE-2026-7664",
    "bulletinFamily": "",
    "cwe": [
        "CWE-287"
    ],
    "cvelist": null,
    "sourceData": "IBM Langflow OSS 1.0.0",
    "sourceHref": "",
    "cvss": {
        "score": 9.8,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Langflow OSS",
    "version": "1.0.0",
    "vendor": "IBM",
    "ai_description": "Unauthenticated attackers can access protected MCP project resources and execute MCP operations due to improper authorization in the Streamable MCP transport endpoint.",
    "ai_severity": "Critical",
    "ai_vendor": "IBM",
    "ai_product": "Langflow OSS",
    "ai_version": "1.0.0-1.8.4",
    "ai_score": 9.8
}

Unauthenticated Flow Execution via Webhook Endpoint in Langflow OSS_CVE-2026-7664