#VU126236 OS Command Injection in Flowise
Published: April 15, 2026
Flowise
FlowiseAI
Description
The vulnerability allows a remote user to execute arbitrary commands.
The vulnerability exists due to improper neutralization of special elements used in an OS command in the Custom MCP stdio configuration of the MCP adapter when processing user-supplied stdio command arguments. A remote user can add a crafted MCP stdio server configuration that specifies an arbitrary command and have that command executed.
The issue is exposed through the Custom MCP configuration in the canvas interface.
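
A defensive check for the stdio configuration described above, as an added example that is not Flowise's code or its fix: it audits an MCP stdio server entry before anything is spawned. The `command` / `args` entry shape, the allowlist, the flag list and the sample entries are assumptions constructed for illustration.

```javascript
'use strict';
// Added example: policy check for an MCP stdio server entry before it is spawned.
// ALLOWED_COMMANDS and the rules below are illustrative assumptions, not Flowise's own list.
const ALLOWED_COMMANDS = new Set(['node', 'npx', 'python3', 'uvx']);
// Flags that turn an allowed interpreter or runner into an inline code/command executor.
const INLINE_EXEC_FLAGS = new Set(['-c', '-e', '-p', '--eval', '--print', '--call']);
// Characters a shell would interpret if the argument ever reached one.
const SHELL_META = /[;&|`$<>\r\n]/;

// Returns a list of findings; an empty list means the entry passed this policy.
function auditStdioServer(cfg) {
  const findings = [];
  const command = cfg && cfg.command;
  const args = cfg && cfg.args !== undefined ? cfg.args : [];
  if (typeof command !== 'string' || command.length === 0) {
    findings.push('command must be a non-empty string');
  } else if (!ALLOWED_COMMANDS.has(command)) {
    // Exact match on a bare name: rejects paths such as "/bin/sh" and unlisted binaries.
    findings.push(`command not allowlisted: ${JSON.stringify(command)}`);
  }
  if (!Array.isArray(args) || args.some((a) => typeof a !== 'string')) {
    findings.push('args must be an array of strings');
    return findings;
  }
  for (const arg of args) {
    const flag = arg.split('=')[0]; // also catches the "--eval=<code>" form
    if (INLINE_EXEC_FLAGS.has(flag)) findings.push(`inline-execution flag: ${arg}`);
    if (SHELL_META.test(arg)) {
      findings.push(`shell metacharacter in argument: ${JSON.stringify(arg)}`);
    }
  }
  return findings;
}

// Constructed sample entries (not taken from the advisory).
const SAMPLES = {
  filesystem: { command: 'npx', args: ['-y', '@modelcontextprotocol/server-filesystem', '/srv/docs'] },
  shellWrapper: { command: 'sh', args: ['-c', 'echo constructed'] },
  inlineEval: { command: 'node', args: ['-e', 'process.exit(0)'] },
};

// An entry that passes should still be started without a shell
// (child_process.spawn with its default shell: false) so arguments are never re-parsed.
for (const [name, cfg] of Object.entries(SAMPLES)) {
  console.log(name, auditStdioServer(cfg));
}
```

A check like this belongs on the server side where the configuration is accepted, since the canvas interface is only one way to submit it.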