CVE-2026-7466 | berabuddies AgentFlow /api/runs pipeline_path code injection (1667fa3)

A vulnerability was found in berabuddies AgentFlow. It has been declared as critical. This vulnerability affects unknown code of the file /api/runs. The manipulation of the argument pipeline_path results in code injection.

This vulnerability was named CVE-2026-7466. The attack may be performed from remote. There is no available exploit.

It is best practice to apply a patch to resolve this issue.VulDB Recent EntriesRead More