{"data":{"id":"507e419d-a9f0-488b-8218-047e9fc1f88f","title":"GHSA-v38x-c887-992f: Flowise: Airtable_Agent Code Injection Remote Code Execution Vulnerability","summary":"Flowise versions up to 3.0.13 have a remote code execution vulnerability in the Airtable Agent node where user input is sent to an LLM (large language model, an AI that generates text) to generate Python code, which is then executed without proper sandboxing. An attacker can craft malicious prompts that trick the LLM into generating code containing dangerous commands (like imports or system operations) that bypass the validation checks, allowing them to run arbitrary code on the server without needing to log in.","solution":"N/A -- no mitigation discussed in source.","labels":["security"],"sourceUrl":"https://github.com/advisories/GHSA-v38x-c887-992f","publishedAt":"2026-04-18T00:46:04.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":"critical","severity":"critical","attackType":["prompt_injection"],"issueType":"vulnerability","affectedPackages":["flowise-components@<= 3.0.13 (fixed: 3.1.0)","flowise@<= 3.0.13 (fixed: 3.1.0)"],"affectedVendors":["LangChain"],"affectedVendorsRaw":["FlowiseAI","Flowise"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":true,"disclosureDate":"2026-04-18T00:46:04.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity","confidentiality","availability"],"aiComponentTargeted":"agent","llmSpecific":true,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}