The Hacker News
@thehackernews
�� Flowise has a CVSS 10.0 RCE flaw (CVE-2025-59528) now under active attack.
A bug in MCP config lets attackers run JavaScript with full system access using just an API token. Over 12,000 exposed instances raise risk.
�� Exploitation details → https://thehackernews.com/2026/04/flowise-ai-agent-builder-under-active.html
A bug in MCP config lets attackers run JavaScript with full system access using just an API token. Over 12,000 exposed instances raise risk.
�� Exploitation details → https://thehackernews.com/2026/04/flowise-ai-agent-builder-under-active.html
⚡ 8
🔥 2
21 5.3K
Обсуждение 0
Обсуждение не доступно в веб-версии. Чтобы написать комментарий, перейдите в приложение Telegram.
Обсудить в Telegram