CVE-2026-41271 - Flowise: APIChain Prompt Injection SSRF in GET/POST API Chains
CVE ID :CVE-2026-41271 Published : April 23, 2026, 7:17 p.m. | 32 minutes ago Description :Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, a Server-Side Request Forgery (SSRF) vulnerability exists in FlowiseAI's POST/GET API Chain compon
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] Attempted hack on my Microsoft account. Was it a VPN node?
- [CYBER] KelpDAO hack news: Aave leads DeFi bailout push after $292M crypto exploit - CoinDesk
- [CYBER] US, UK agencies warn hackers were hiding on Cisco firewalls long after patches were applied
- [CYBER] Speaking Freely: Lizzie O'Shea
- [CYBER] Dragos: Despite AI use, new malware targeting water plants is ‘hype’
- [CYBER] Trump’s pick to run US cyber agency CISA asks to drop out