CVE-2026-41268

CVE-2026-41268 is a critical unauthenticated remote command execution (RCE) vulnerability affecting Flowise, an open-source drag-and-drop user interface for building customized large language model (LLM) flows. Versions of Flowise prior to 3.1.0 are vulnerable due to a parameter override bypass that leverages the FILE-STORAGE:: keyword in combination with NODE_OPTIONS environment variable injection. This flaw, associated with CWE-20 (Improper Input Validation), carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) and was published on April 23, 2026.

Any unauthenticated attacker with network access to a vulnerable Flowise instance can exploit this vulnerability using a single HTTP request, without requiring authentication credentials or prior knowledge of the target. Successful exploitation enables the execution of arbitrary system commands with root privileges inside the containerized Flowise environment, potentially leading to full compromise of the host system.

The official GitHub security advisory (GHSA-cvrr-qhgw-2mm6) confirms that the vulnerability is fully remediated in Flowise version 3.1.0, urging users to upgrade immediately. No additional workarounds are specified, emphasizing the need for prompt patching in all exposed deployments.

Flowise's role in LLM workflow orchestration makes this vulnerability particularly relevant for AI/ML practitioners, as compromised instances could disrupt or manipulate model training and inference pipelines. No public evidence of real-world exploitation has been reported as of publication.