OS Command Injection in Flowise - #VU126236
Published: April 15, 2026
Vulnerability identifier: #VU126236
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: N/A
CWE-ID: CWE-78
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: FlowiseAI
Affected software:
Flowise
Flowise
Detailed vulnerability description
The vulnerability allows a remote user to execute arbitrary commands.
The vulnerability exists due to improper neutralization of special elements used in an os command in the MCP adapter Custom MCP stdio configuration when processing user-supplied stdio command arguments. A remote user can add a crafted MCP stdio server configuration with an arbitrary command to execute arbitrary commands.
The issue is exposed through the Custom MCP configuration in the canvas interface.
Remediation
Install security update from vendor's website.