Executive Summary

CVE-2026-7664 is a critical vulnerability in IBM Langflow OSS versions 1.0.0 through 1.8.4 that allows unauthenticated attackers to execute arbitrary flows via the webhook endpoint.

The POST /api/v1/webhook/{flow_id} endpoint executes any user's flow without authentication because the WEBHOOK_AUTH_ENABLE setting defaults to False. This means the webhook handler trusts the caller unconditionally and does not perform any credential checks.

As a result, attackers can inject a full request body as input to all webhook components, gaining complete control over component inputs and allowing unauthorized execution of flows.

Useful 0 Not Useful 0

Impact Analysis

This vulnerability can have severe impacts because it allows unauthenticated attackers to execute arbitrary operations within the affected IBM Langflow OSS environment.

Attackers can gain complete control over component inputs and execute flows without any authorization, potentially leading to unauthorized data access, manipulation, or disruption of services.

Given the CVSS base score of 9.8, the vulnerability is considered critical and can compromise confidentiality, integrity, and availability of the system.

Useful 0 Not Useful 0

Compliance Impact

The vulnerability in IBM Langflow OSS allows unauthenticated attackers to access and execute protected project resources without authorization. This unauthorized access and control over data flows could lead to exposure or manipulation of sensitive data, which may violate data protection requirements under common standards and regulations such as GDPR and HIPAA.

Specifically, since the vulnerability enables attackers to execute arbitrary flows and control component inputs without authentication, it undermines the confidentiality, integrity, and availability of data. This lack of proper authorization enforcement could result in non-compliance with regulatory mandates that require strict access controls and protection of personal or sensitive health information.

Organizations using affected versions of Langflow OSS should consider this vulnerability a critical risk to compliance and are strongly advised to upgrade to version 1.9.1 to remediate the issue.

Useful 0 Not Useful 0

Detection Guidance

This vulnerability involves the POST /api/v1/webhook/{flow_id} endpoint executing flows without authentication due to the WEBHOOK_AUTH_ENABLE setting being disabled by default.

To detect this vulnerability on your system, you can check if the Langflow OSS version is between 1.0.0 and 1.8.4 and verify if the WEBHOOK_AUTH_ENABLE setting is set to False.

You may also monitor network traffic for unauthenticated POST requests to the /api/v1/webhook/ endpoint that trigger flow executions.

Specific commands are not provided in the resources, but you can use tools like curl or network monitoring utilities to test the endpoint, for example:

• curl -X POST http://<langflow_host>/api/v1/webhook/<flow_id> -d '<payload>' -v
• Check the configuration file or environment variables for WEBHOOK_AUTH_ENABLE setting.

Useful 0 Not Useful 0

Mitigation Strategies

IBM strongly recommends upgrading Langflow OSS to version 1.9.1 or later to remediate this critical vulnerability.

There are no available workarounds for this vulnerability, so applying the update is the primary mitigation step.

Useful 0 Not Useful 0