CVE 9.4 CRITICAL

Flowise: Code Injection in CSVAgent leads to Authenticated RCE_CVE-2026-41137

April 23, 2026 invoker category_cve

9.4 / 10

CRITICAL

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Description

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, The CSVAgent allows providing a custom Pandas CSV read code. Due to lack of sanitization, an attacker can provide a command injection payload that will get interpolated and executed by the server. This vulnerability is fixed in 3.1.0.

AI Analysis

Code injection vulnerability in CSVAgent allows attackers to execute arbitrary code

Basic Information

ID CVE-2026-41137

Source GitHub_M

Published Apr 23, 2026 at 19:10

Affected Product

Vendor FlowiseAI

Product Flowise

Version < 3.1.0

Affected Versions FlowiseAI Flowise < 3.1.0
FlowiseAI flowise-components < 3.1.0

CWE Classification

CWE-94

AI Assessment

AI Score 9.4 / 10

AI Severity Critical

Vendor FlowiseAI

Product Flowise

Version < 3.1.0

References

github.com /FlowiseAI/Flowise/security/advisories/GHSA-9wc7-mj3f-74xv

{
    "lastseen": "",
    "description": "Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, The CSVAgent allows providing a custom Pandas CSV read code. Due to lack of sanitization, an attacker can provide a command injection payload that will get interpolated and executed by the server. This vulnerability is fixed in 3.1.0.",
    "published": "2026-04-23T19:10:37.727Z",
    "modified": "2026-04-23T19:10:37.727Z",
    "type": "cve",
    "title": "Flowise: Code Injection in CSVAgent leads to Authenticated RCE",
    "source": "GitHub_M",
    "references": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-9wc7-mj3f-74xv",
    "id": "CVE-2026-41137",
    "bulletinFamily": "",
    "cwe": [
        "CWE-94"
    ],
    "cvelist": null,
    "sourceData": "FlowiseAI Flowise < 3.1.0\nFlowiseAI flowise-components < 3.1.0",
    "sourceHref": "",
    "cvss": {
        "score": 9.4,
        "severity": "CRITICAL",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Flowise",
    "version": "< 3.1.0",
    "vendor": "FlowiseAI",
    "ai_description": "Code injection vulnerability in CSVAgent allows attackers to execute arbitrary code",
    "ai_severity": "Critical",
    "ai_vendor": "FlowiseAI",
    "ai_product": "Flowise",
    "ai_version": "< 3.1.0",
    "ai_score": 9.4
}

💭 Join the Security Discussion ❌ Cancel Reply