CVE-2026-40933 | FlowiseAI Flowise up to 3.0.x /tmp/pwn os command injection

April 22, 2026 Yanac

A vulnerability, which was classified as critical, was found in FlowiseAI Flowise up to 3.0.x. This impacts an unknown function of the file /tmp/pwn. The manipulation results in os command injection.

This vulnerability is reported as CVE-2026-40933. The attack can be launched remotely. No exploit exists.

You should upgrade the affected component.VulDB Recent EntriesRead More

CVE-2026-5921 | GitHub Enterprise Server up to 3.20.0 Notebook Rendering Service server-side request forgery
CVE-2026-40942 | datasharingframework dsf/dsf-bpe-process-api-v2/dsf-bpe-server up to 2.0.x OIDC Provider control flow (GHSA-xmj9-7625-f634)