Obsidian Security has released technical information and proof-of-concept (PoC) code targeting a remote code execution (RCE) vulnerability in Flowise.
The issue, tracked as CVE-2026-40933 (CVSS score of 9.9), was disclosed in April along with several other security defects impacting AI ecosystems that rely on Anthropic’s MCP protocol.
Flowise, a popular open source platform with over 52,000 GitHub stars that provides developers with a drag-and-drop interface for building LLM flows and AI agents, was flagged as one of the impacted products.
According to OX Security, the root cause of the issue is a “by design”, systemic command injection vulnerability in Anthropic MCP, which propagates through the ecosystem.