Obsidian Security disclosed technical details and proof-of-concept code for CVE-2026-40933, a critical RCE flaw in Flowise tied to Anthropic’s Model Context Protocol (MCP). The vulnerability lets attackers trigger command execution during chatflow import; self-hosted Flowise deployments are affected in their default configuration, while Flowise Cloud is not. #Flowise #CVE-2026-40933 #AnthropicMCP #ObsidianSecurity
Key points
- Obsidian Security released PoC code for a Flowise RCE vulnerability.
- CVE-2026-40933 is rated 9.9 and affects MCP-based AI ecosystems.
- The flaw stems from unsafe stdio command serialization in Anthropic MCP.
- Attackers can exploit crafted chatflows to execute commands during import.
- Self-hosted Flowise instances are vulnerable, while Flowise Cloud is not affected.
Read More: https://www.securityweek.com/exploit-code-published-for-critical-flowise-rce-vulnerability/