CVE Catalog

CVE-2026-7787

HighCVSS 7.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.30%

21th percentile - higher than 21% of all known CVEs

Summary

IBM Langflow OSS versions 1.0.0 through 1.9.1 could allow an authenticated user to read or modify sensitive information by bypassing authentication using insecure direct object references.

Risk Assessment

The organization may be exposed to unauthorized access to sensitive data, potentially leading to privacy breaches and loss of customer trust.

Recommendation

It is recommended to upgrade to the latest version of IBM Langflow OSS and implement additional security measures to prevent unauthorized access.

Original NVD description (English source)

IBM Langflow OSS 1.0.0 through 1.9.1 could allow an authenticated user to read or modify sensitive information by bypassing authentication using insecure direct object references.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS