{"document":{"category":"csaf_vex","csaf_version":"2.0","title":"CVE-2026-7664: Unauthenticated Flow Execution via Webhook Endpoint in Langflow OSS","publisher":{"category":"vendor","name":"HarborGuard Database","namespace":"https://database.harborguard.co"},"tracking":{"id":"CVE-2026-7664","status":"final","version":"1","initial_release_date":"2026-06-22T14:10:25.584Z","current_release_date":"2026-06-23T18:48:23.307Z","revision_history":[{"date":"2026-06-22T14:10:25.584Z","number":"1","summary":"Initial machine-readable export from HarborGuard."}]},"distribution":{"tlp":{"label":"WHITE"},"text":"Public CVE data; freely redistributable."},"notes":[{"category":"description","text":"IBM Langflow OSS 1.0.0 through 1.8.4 could allow unauthenticated attackers to access protected MCP project resources and execute MCP operations due to improper authorization enforcement in the Streamable MCP transport endpoint.","title":"CVE description"}],"references":[{"category":"self","summary":"CVE-2026-7664 on HarborGuard Database","url":"https://database.harborguard.co/cve/CVE-2026-7664"},{"category":"external","summary":"CVE Record","url":"https://www.cve.org/CVERecord?id=CVE-2026-7664"},{"category":"external","summary":"ibm.com","url":"https://www.ibm.com/support/pages/node/7277243"}]},"product_tree":{"branches":[{"category":"vendor","name":"IBM","branches":[{"category":"product_name","name":"Langflow OSS","branches":[{"category":"product_version_range","name":">=1.0.0 <=1.8.4","product":{"name":"IBM Langflow OSS >=1.0.0 <=1.8.4","product_id":"CSAFPID-1","product_identification_helper":{"cpe":"cpe:2.3:a:ibm:langflow_oss:*:*:*:*:*:*:*:*"}}}]}]}]},"vulnerabilities":[{"cve":"CVE-2026-7664","title":"Unauthenticated Flow Execution via Webhook Endpoint in Langflow OSS","notes":[{"category":"description","text":"IBM Langflow OSS 1.0.0 through 1.8.4 could allow unauthenticated attackers to access protected MCP project resources and execute MCP operations due to improper authorization enforcement in the Streamable MCP transport endpoint.","title":"CVE description"}],"product_status":{"known_affected":["CSAFPID-1"]},"scores":[{"cvss_v3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL"},"products":["CSAFPID-1"]}],"remediations":[{"category":"none_available","details":"No fixed version is published yet. Monitor the upstream advisory.","product_ids":["CSAFPID-1"]}]}]}