Skip to content
  • Home
  • Cyber Map
  • About Us – Contact
  • Disclaimer
  • Terms and Rules
  • Privacy Policy
Cyber Web Spider Blog – News

Cyber Web Spider Blog – News

Globe Threat Map provides a real-time, interactive 3D visualization of global cyber threats. Monitor DDoS attacks, malware, and hacking attempts with geo-located arcs on a rotating globe. Stay informed with live logs and archive stats.

  • Home
  • Cyber Map
  • Cyber Security News
  • Security Week News
  • The Hacker News
  • How To?
  • Toggle search form
Critical Flowise Vulnerability Exploit Code Released

Critical Flowise Vulnerability Exploit Code Released

Posted on May 30, 2026 By CWS

Obsidian Security has published detailed insights and proof-of-concept (PoC) code for a serious remote code execution (RCE) vulnerability in the Flowise platform. This vulnerability, identified as CVE-2026-40933 and rated with a CVSS score of 9.9, was initially reported in April, alongside other security issues affecting AI ecosystems utilizing Anthropic’s MCP protocol.

Understanding the Flowise Vulnerability

Flowise, a widely-used open-source platform facilitating the creation of LLM flows and AI agents through a drag-and-drop interface, has garnered over 52,000 stars on GitHub. It has been identified as one of the systems susceptible to this vulnerability. According to OX Security, the vulnerability stems from a systemic command injection flaw within the Anthropic MCP, which compromises the entire ecosystem.

Technical Details and Exploitation

The National Institute of Standards and Technology (NIST) advisory explains that CVE-2026-40933 arises from unsafe serialization of stdio commands in the MCP adapter. This design flaw allows attackers to introduce an MCP stdio server with arbitrary commands, leading to code execution. Flowise versions preceding 3.1.0 permitted any user to add new MCP commands, paving the way for potential exploitation.

Obsidian highlights that attackers could exploit this vulnerability by persuading users to import a tailored chatflow, initiating arbitrary code execution on the server. This exploit requires either a malicious insider or a compromised user account to add a Custom MCP Tool with a harmful stdio MCP configuration.

Impact and Mitigation

A remote attacker could embed a harmful command within a Custom MCP Tool configuration, export it as JSON, and share it with the target. The import action, leveraging Flowise’s legitimate features, facilitates the execution of the malicious command. Obsidian’s PoC code demonstrates how this could establish a shell back to Docker’s bridge address.

Successful exploitation results in OS-level execution with the Flowise process’s privileges, potentially root in containerized environments. This exposes all credentials and connected services, significantly expanding the potential damage. However, Flowise Cloud remains unaffected due to disabled stdio MCP by default, whereas self-hosted versions are inherently vulnerable.

This revelation underscores the critical need for robust security practices in AI development environments, emphasizing the importance of timely updates and vigilant security configurations.

Security Week News Tags:AI security, Anthropic MCP, code execution, custom MCP tool, CVE-2026-40933, Cybersecurity, Flowise, GitHub, Obsidian Security, Open Source, PoC code, RCE vulnerability, self-hosted risk, serialization flaw, server takeover

Post navigation

Previous Post: Russian Spies Intensify Efforts to Acquire Western Tech
Next Post: Critical GitLab Security Updates Address Key Vulnerabilities

Related Posts

AI Exploitation: Emerging Threats in Cybersecurity AI Exploitation: Emerging Threats in Cybersecurity Security Week News
SharePoint Under Attack: Microsoft Warns of Zero-Day Exploited in the Wild – No Patch Available SharePoint Under Attack: Microsoft Warns of Zero-Day Exploited in the Wild – No Patch Available Security Week News
New 0 Cellik RAT Grants Android Control, Trojanizes Google Play Apps New $150 Cellik RAT Grants Android Control, Trojanizes Google Play Apps Security Week News
MITRE Updates List of Most Common Hardware Weaknesses MITRE Updates List of Most Common Hardware Weaknesses Security Week News
Intuitive Reports Cyberattack Affecting Data Security Intuitive Reports Cyberattack Affecting Data Security Security Week News
OT Networks Targeted in Widespread Exploitation of Erlang/OTP Vulnerability OT Networks Targeted in Widespread Exploitation of Erlang/OTP Vulnerability Security Week News

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Recent Posts

  • Tego AI Exposes Potential Risks in Claude Tag Integration
  • Security Flaw in Claude for Chrome Allows Unauthorized Access
  • Fortinet Addresses Vulnerabilities in Key Security Software
  • Microsoft Addresses 622 Vulnerabilities, Highlights Two Zero-Days
  • Critical SAP NetWeaver Vulnerability Addressed in July Updates

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Archives

  • July 2026
  • June 2026
  • May 2026
  • April 2026
  • March 2026
  • February 2026
  • January 2026
  • December 2025
  • November 2025
  • October 2025
  • September 2025
  • August 2025
  • July 2025
  • June 2025
  • May 2025

Recent Posts

  • Tego AI Exposes Potential Risks in Claude Tag Integration
  • Security Flaw in Claude for Chrome Allows Unauthorized Access
  • Fortinet Addresses Vulnerabilities in Key Security Software
  • Microsoft Addresses 622 Vulnerabilities, Highlights Two Zero-Days
  • Critical SAP NetWeaver Vulnerability Addressed in July Updates

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Copyright © 2026 Cyber Web Spider Blog – News.

Powered by PressBook Masonry Dark