Skip to content
  • Home
  • Cyber Map
  • About Us – Contact
  • Disclaimer
  • Terms and Rules
  • Privacy Policy
Cyber Web Spider Blog – News

Cyber Web Spider Blog – News

Globe Threat Map provides a real-time, interactive 3D visualization of global cyber threats. Monitor DDoS attacks, malware, and hacking attempts with geo-located arcs on a rotating globe. Stay informed with live logs and archive stats.

  • Home
  • Cyber Map
  • Cyber Security News
  • Security Week News
  • The Hacker News
  • How To?
  • Toggle search form
Critical Flowise Vulnerability Exploit Code Released

Critical Flowise Vulnerability Exploit Code Released

Posted on May 30, 2026 By CWS

Obsidian Security has published detailed insights and proof-of-concept (PoC) code for a serious remote code execution (RCE) vulnerability in the Flowise platform. This vulnerability, identified as CVE-2026-40933 and rated with a CVSS score of 9.9, was initially reported in April, alongside other security issues affecting AI ecosystems utilizing Anthropic’s MCP protocol.

Understanding the Flowise Vulnerability

Flowise, a widely-used open-source platform facilitating the creation of LLM flows and AI agents through a drag-and-drop interface, has garnered over 52,000 stars on GitHub. It has been identified as one of the systems susceptible to this vulnerability. According to OX Security, the vulnerability stems from a systemic command injection flaw within the Anthropic MCP, which compromises the entire ecosystem.

Technical Details and Exploitation

The National Institute of Standards and Technology (NIST) advisory explains that CVE-2026-40933 arises from unsafe serialization of stdio commands in the MCP adapter. This design flaw allows attackers to introduce an MCP stdio server with arbitrary commands, leading to code execution. Flowise versions preceding 3.1.0 permitted any user to add new MCP commands, paving the way for potential exploitation.

Obsidian highlights that attackers could exploit this vulnerability by persuading users to import a tailored chatflow, initiating arbitrary code execution on the server. This exploit requires either a malicious insider or a compromised user account to add a Custom MCP Tool with a harmful stdio MCP configuration.

Impact and Mitigation

A remote attacker could embed a harmful command within a Custom MCP Tool configuration, export it as JSON, and share it with the target. The import action, leveraging Flowise’s legitimate features, facilitates the execution of the malicious command. Obsidian’s PoC code demonstrates how this could establish a shell back to Docker’s bridge address.

Successful exploitation results in OS-level execution with the Flowise process’s privileges, potentially root in containerized environments. This exposes all credentials and connected services, significantly expanding the potential damage. However, Flowise Cloud remains unaffected due to disabled stdio MCP by default, whereas self-hosted versions are inherently vulnerable.

This revelation underscores the critical need for robust security practices in AI development environments, emphasizing the importance of timely updates and vigilant security configurations.

Security Week News Tags:AI security, Anthropic MCP, code execution, custom MCP tool, CVE-2026-40933, Cybersecurity, Flowise, GitHub, Obsidian Security, Open Source, PoC code, RCE vulnerability, self-hosted risk, serialization flaw, server takeover

Post navigation

Previous Post: Russian Spies Intensify Efforts to Acquire Western Tech
Next Post: Critical GitLab Security Updates Address Key Vulnerabilities

Related Posts

Cybersecurity Highlights: Iranian Hacks and Router Exploits Cybersecurity Highlights: Iranian Hacks and Router Exploits Security Week News
Furl Raises  Million for Autonomous Vulnerability Remediation Furl Raises $10 Million for Autonomous Vulnerability Remediation Security Week News
Iran-Linked Cyber Attacks Threaten US Amidst Ongoing Conflict Iran-Linked Cyber Attacks Threaten US Amidst Ongoing Conflict Security Week News
FBI Warns of Spoofed IC3 Website FBI Warns of Spoofed IC3 Website Security Week News
Rein Security Emerges From Stealth With M, Bringing Inside-Out AppSec Approach Rein Security Emerges From Stealth With $8M, Bringing Inside-Out AppSec Approach Security Week News
Valuable Information Leaked in LockBit Ransomware Hack  Valuable Information Leaked in LockBit Ransomware Hack  Security Week News

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Recent Posts

  • Hackers Use Fake OAuth IDs to Target Entra ID Users
  • Microsoft Addresses Record 622 Vulnerabilities, Including Two Critical Zero-Days
  • Tego AI Exposes Potential Risks in Claude Tag Integration
  • Security Flaw in Claude for Chrome Allows Unauthorized Access
  • Fortinet Addresses Vulnerabilities in Key Security Software

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Archives

  • July 2026
  • June 2026
  • May 2026
  • April 2026
  • March 2026
  • February 2026
  • January 2026
  • December 2025
  • November 2025
  • October 2025
  • September 2025
  • August 2025
  • July 2025
  • June 2025
  • May 2025

Recent Posts

  • Hackers Use Fake OAuth IDs to Target Entra ID Users
  • Microsoft Addresses Record 622 Vulnerabilities, Including Two Critical Zero-Days
  • Tego AI Exposes Potential Risks in Claude Tag Integration
  • Security Flaw in Claude for Chrome Allows Unauthorized Access
  • Fortinet Addresses Vulnerabilities in Key Security Software

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Copyright © 2026 Cyber Web Spider Blog – News.

Powered by PressBook Masonry Dark