CVE-2026-7664
CRITICAL
NVD
CVSS Score
9.8
Severity
CRITICAL
Published
Jun 22, 2026
Vendor
unknown
Description
IBM Langflow OSS 1.0.0 through 1.8.4 could allow unauthenticated attackers to access protected MCP project resources and execute MCP operations due to improper authorization enforcement in the Streamable MCP transport endpoint.