B3NCLOUD ARTICLE INTELLIGENCE

ARTICLEVIEW

Zurück zu News
cvefeed.io
RISK: Mittel (3.1)

CVE-2026-56274 - Flowise - Remote Code Execution via MCP Security Bypass in validateCommandFlags and validateArgsForLocalFileAccess

CVE ID :CVE-2026-56274 Published : June 23, 2026, 12:13 p.m. | 57 minutes ago Description :Flowise before 3.1.2 contains multiple OS command injection vulnerabilities in the Custom MCP Server feature due to incomplete command-flag validation and a regex bypass in local file access...

#Sicherheitslücke
Original-Artikel öffnen Zurück zur Übersicht

VERWANDTEARTIKEL

Cordyceps Supply Chain Flaw Impacting Code Repositories at thousands of Organizations

2026-06-23 Kritisch

CVE-2026-12249 in Canonical ADSys: MITM ermöglicht Manipulation des System-Trust-Stores

2026-06-23 Hoch

CVE-2026-54892 - Plug: quadratic-time decoding of nested query/body parameters enables denial of service

2026-06-23 Mittel

CVE-2026-56784 - OpenRemote Manager - Cross-Tenant IDOR in Bulk Alarm Deletion

2026-06-23 Mittel

CVE-2026-56322 - Capgo - Information Disclosure via Unauthenticated /updates defaultChannel Parameter

2026-06-23 Mittel

CVE-2026-56315 - picklescan - Remote Code Execution via Unblocked Standard Library Modules

2026-06-23 Mittel