New Vulnerabilities Disclosed: CVE-2025-7064 and CVE-2026-7787 Affect Major Systems

On June 11, 2026, two significant vulnerabilities were published: CVE-2025-7064 and CVE-2026-7787. CVE-2025-7064 affects ABB Freelance systems from versions 2013 to 2024, allowing authentication bypass. CVE-2026-7787 impacts IBM Langflow OSS versions 1.0.0 through 1.9.1, enabling unauthorized access to sensitive information. Both vulnerabilities are associated with common weaknesses in authentication and authorization. No specific exploits have been confirmed yet, but proof-of-concept exploits are being monitored on GitHub. The vulnerabilities have been documented with curated lists of external resources for mitigation. Security professionals are advised to stay updated on these vulnerabilities as they may pose a risk if exploited.

Key Points: • CVE-2025-7064 allows authentication bypass in ABB Freelance systems. • CVE-2026-7787 enables unauthorized access in IBM Langflow OSS versions. • Both vulnerabilities were published on June 11, 2026, with no confirmed exploits yet.