CVE-2026-7466 - AgentFlow Arbitrary Python Pipeline Execution via pipeline_path
CVE ID :CVE-2026-7466 Published : April 29, 2026, 7:16 p.m. | 24 minutes ago Description :AgentFlow contains an arbitrary code execution vulnerability that allows attackers to execute local Python pipeline files by supplying a user-controlled pipeline_path parameter to the POST /api/runs and P
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] SWEAT protocol thwarts multi-million dollar exploit, restores user balances
- [CYBER] CVE-2026-7408 - SourceCodester Pizzafy Ecommerce System ajax.php save_menu sql injection
- [CYBER] CVE-2026-7407 - SourceCodester Pizzafy Ecommerce System Setting ajax.php save_settings sql injection
- [CYBER] CVE-2026-7404 - getsimpletool mcpo-simple-server base_manager.py delete_shared_prompt path traversal
- [CYBER] CVE-2026-7403 - geldata gel-mcp server.py fetch_rule path traversal
- [CYBER] CVE-2026-1858 - wget2 Improper Certificate Validation