Unrestricted Command Execution Vulnerability in Flowise by FlowiseAI
CVE-2026-41265

9.2 CRITICAL

Key Information:

Vendor: Flowiseai
Status: Vendor
CVE Published: 23 April 2026

What is CVE-2026-41265?

Flowise, a drag-and-drop interface for building customized large language model flows, contains a vulnerability in the Airtable_Agents class prior to version 3.1.0. The flaw arises from inadequate sandboxing when Python scripts generated by an LLM are executed. An unauthenticated attacker can exploit it through prompt injection: by sending crafted prompts to a chatflow, they can cause malicious Python scripts to be executed on the Flowise server. The issue has been fixed in version 3.1.0.

Affected Version(s)

Flowise < 3.1.0

CVSS v4

Score: 9.2
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: High
Attack Required: Physical
Privileges Required: Undefined
User Interaction: None

Timeline

  • Vulnerability published
  • Vulnerability reserved