ZDI-26-307: FlowiseAI Flowise Airtable_Agent Code Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Flowise. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 9.8. The following CVEs are assigned: CVE-2026-41265.
ORIGINAL SOURCE →via Zero Day Initiative
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] cPanel Yazılımındaki Kritik Güvenlik Açığı Milyonlarca Siteyi Tehdit Ediyor
- [CYBER] Severe Linux Copy Fail security flaw uncovered using AI scanning help
- [CYBER] DeFi Sets New Hack Record as April Logs 28 Exploits with $635M Stolen - thedefiant.io
- [CYBER] MITRE ATT&CK: el mapa del crimen que todo profesional de seguridad debería conocer
- [CYBER] Linux kernel vulnerabilities without distro notice: what this changes in my Ubuntu/Railway stack
- [CYBER] Linux kernel vulnerabilidades sin aviso a distros: lo que esto cambia en mi stack Ubuntu/Railway