CVE-2026-7663 | IBM Langflow OSS up to 1.9.6 Streamable MCP Transport Endpoint improper authorization

SecurityVulns

A vulnerability has been found in IBM Langflow OSS up to 1.9.6 and classified as critical. The impacted element is an unknown function of the component Streamable MCP Transport Endpoint. The manipulation leads to improper authorization.

This vulnerability is traded as CVE-2026-7663. It is possible to initiate the attack remotely. There is no exploit available.

The affected component should be upgraded.VulDB Recent EntriesRead More