{"vulnerability": "CVE-2026-4126", "sightings": [{"uuid": "b84f72ba-c5a3-440a-a094-62ee5eced554", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41266", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mkbwznomm32f", "content": "", "creation_timestamp": "2026-04-25T02:00:35.695437Z"}, {"uuid": "613130d3-bb52-4102-a893-49e8a8cdfce8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41267", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mk6u4qo7zo2t", "content": "", "creation_timestamp": "2026-04-23T20:30:39.628520Z"}, {"uuid": "0504599b-f014-44f8-9f35-210d2528feb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41268", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mk6u4x7hey2e", "content": "", "creation_timestamp": "2026-04-23T20:30:45.660689Z"}, {"uuid": "9803cbc4-67ff-4afd-9e63-edbe4cf36667", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4126", "type": "seen", "source": "https://bsky.app/profile/atomicedge.bsky.social/post/3mk7bocnbhl2s", "content": "", "creation_timestamp": "2026-04-24T00:33:06.463052Z"}, {"uuid": "d9457267-1c7a-4d9b-9966-54b920695aa0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41263", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mkanez5th22k", "content": "", "creation_timestamp": "2026-04-24T13:35:19.535850Z"}, {"uuid": "3e9b9df6-41ca-4f7a-b1c0-727cb8e96c6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41265", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mke23guci32z", "content": "", "creation_timestamp": "2026-04-25T22:00:35.939148Z"}, {"uuid": "bc41f443-01aa-45b1-8773-940888ab8111", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41264", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mke2376l4i2t", "content": "", "creation_timestamp": "2026-04-25T22:00:28.721224Z"}, {"uuid": "b8e8d750-5889-4940-92b7-cf50e6fd3cc6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41267", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mkfcol2w4r2o", "content": "", "creation_timestamp": "2026-04-26T10:07:07.969747Z"}, {"uuid": "f7d5f1b7-23c5-4f57-81bd-0337bb0bfa5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41266", "type": "published-proof-of-concept", "source": "Telegram/LhBAsLXZuywUMfmIXbSwPnWzjb6RJaoGfmWe6gs8QchtB8o", "content": "", "creation_timestamp": "2026-04-23T21:26:14.000000Z"}, {"uuid": "a05bbbbc-13d7-46a2-9147-eda52663e4d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41264", "type": "published-proof-of-concept", "source": "Telegram/LhBAsLXZuywUMfmIXbSwPnWzjb6RJaoGfmWe6gs8QchtB8o", "content": "", "creation_timestamp": "2026-04-23T21:26:14.000000Z"}, {"uuid": "22bd6b7d-8b4d-41a1-ad3e-476580b40943", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41265", "type": "published-proof-of-concept", "source": "Telegram/LhBAsLXZuywUMfmIXbSwPnWzjb6RJaoGfmWe6gs8QchtB8o", "content": "", "creation_timestamp": "2026-04-23T21:26:14.000000Z"}, {"uuid": "92eeb615-6429-4c17-87f2-1da0584c6608", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41267", "type": "seen", "source": "Telegram/BiTM4VWQdbYmMG43-mv447qo5-YjFbOvUme2BKAYDCNP_Pw", "content": "", "creation_timestamp": "2026-04-23T21:26:31.000000Z"}, {"uuid": "254ff644-6fc3-48ae-a3e8-04d750b2305b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41269", "type": "seen", "source": "Telegram/BiTM4VWQdbYmMG43-mv447qo5-YjFbOvUme2BKAYDCNP_Pw", "content": "", "creation_timestamp": "2026-04-23T21:26:31.000000Z"}, {"uuid": "c6f3a112-3714-4cd9-bd06-eb7a045634b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41266", "type": "seen", "source": "Telegram/BiTM4VWQdbYmMG43-mv447qo5-YjFbOvUme2BKAYDCNP_Pw", "content": "", "creation_timestamp": "2026-04-23T21:26:31.000000Z"}, {"uuid": "501e44e6-6bc7-4647-8f54-36549742b6e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41268", "type": "seen", "source": "Telegram/BiTM4VWQdbYmMG43-mv447qo5-YjFbOvUme2BKAYDCNP_Pw", "content": "", "creation_timestamp": "2026-04-23T21:26:31.000000Z"}, {"uuid": "c23f149b-252d-40dc-8186-437b3e478dce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41263", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mkqpzycnet2q", "content": "CVE-2026-41263 - Traefik: BasicAuth middleware: timing side-channel vulnerability\nCVE ID : CVE-2026-41263\n \n Published : April 30, 2026, 9:16 p.m. | 1\u00a0hour, 2\u00a0minutes ago\n \n Description : Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, an...", "creation_timestamp": "2026-04-30T23:05:25.891616Z"}, {"uuid": "bdb87c1e-9aff-4123-9bea-eeaea5244d21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-41267", "type": "published-proof-of-concept", "source": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-48m6-ch88-55mj", "content": "", "creation_timestamp": "2026-04-15T21:42:22.000000Z"}, {"uuid": "9cc46f0d-eaee-4813-8725-eb806e20f134", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-41266", "type": "published-proof-of-concept", "source": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-4jpm-cgx2-8h37", "content": "", "creation_timestamp": "2026-04-15T21:42:29.000000Z"}, {"uuid": "f6ce619e-6d10-4826-8aff-7704c157f638", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-41268", "type": "published-proof-of-concept", "source": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-cvrr-qhgw-2mm6", "content": "", "creation_timestamp": "2026-04-15T21:42:38.000000Z"}, {"uuid": "3ee6394e-a38c-4af2-9865-56bc34392fcc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-41269", "type": "published-proof-of-concept", "source": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-rh7v-6w34-w2rr", "content": "", "creation_timestamp": "2026-04-15T21:42:59.000000Z"}, {"uuid": "88591acd-1217-49a0-a58e-32088901d144", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-41265", "type": "published-proof-of-concept", "source": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-v38x-c887-992f", "content": "", "creation_timestamp": "2026-04-15T21:44:45.000000Z"}, {"uuid": "42f78dcd-7075-4bdc-9461-f6770d237ff3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-41264", "type": "published-proof-of-concept", "source": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-3hjv-c53m-58jj", "content": "", "creation_timestamp": "2026-04-15T21:44:36.000000Z"}, {"uuid": "f588181e-64ae-4b43-9b51-da32c8f87572", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-41262", "type": "published-proof-of-concept", "source": "https://github.com/fleetdm/fleet/security/advisories/GHSA-gm7f-v959-fr2g", "content": "", "creation_timestamp": "2026-06-26T22:35:37.463698Z"}, {"uuid": "da99882a-a9da-4ecf-8a20-6b8d051e6180", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41264", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/flowise_auth_rce_cve_2026_41264.rb", "content": "{\"aliases\": [], \"arch\": \"cmd\", \"author\": [\"zdi-disclosures\", \"Takahiro Yokoyama\"], \"autofilter_ports\": [80, 8080, 443, 8000, 8888, 8880, 8008, 3000, 8443], \"autofilter_services\": [\"http\", \"https\"], \"check\": true, \"default_credential\": false, \"description\": \"This vulnerability allows remote attackers to execute arbitrary code on affected installations of FlowiseAI Flowise.\\n          Authentication is not required to exploit this vulnerability.\\n\\n          The specific flaw exists within the run method of the CSV_Agents class.\\n          The issue results from the lack of proper sandboxing when evaluating an LLM generated python script.\\n          An attacker can leverage this vulnerability to execute code in the context of the user running the server.\", \"disclosure_date\": \"2026-04-22\", \"fullname\": \"exploit/multi/http/flowise_auth_rce_cve_2026_41264\", \"is_install_path\": true, \"mod_time\": \"2026-06-06 12:25:07 +0000\", \"name\": \"Flowise CSV Agent Prompt Injection RCE\", \"needs_cleanup\": null, \"notes\": {\"Reliability\": [\"repeatable-session\"], \"SideEffects\": [\"ioc-in-logs\"], \"Stability\": [\"crash-safe\"]}, \"path\": \"/modules/exploits/multi/http/flowise_auth_rce_cve_2026_41264.rb\", \"platform\": \"Linux,Unix,Windows\", \"post_auth\": false, \"rank\": 600, \"ref_name\": \"multi/http/flowise_auth_rce_cve_2026_41264\", \"references\": [\"CVE-2026-41264\", \"GHSA-3hjv-c53m-58jj\"], \"rport\": 3000, \"session_types\": false, \"targets\": [\"Linux Command\", \"Windows Command\"], \"type\": \"exploit\"}", "creation_timestamp": "2026-07-03T08:40:03.367903Z"}, {"uuid": "28c999b9-2dbc-406e-b1e6-65f2dc4a71ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41264", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/flowise_auth_rce_cve_2026_41264.rb", "content": "{\"aliases\": [], \"arch\": \"cmd\", \"author\": [\"zdi-disclosures\", \"Takahiro Yokoyama\"], \"autofilter_ports\": [80, 8080, 443, 8000, 8888, 8880, 8008, 3000, 8443], \"autofilter_services\": [\"http\", \"https\"], \"check\": true, \"default_credential\": false, \"description\": \"This vulnerability allows remote attackers to execute arbitrary code on affected installations of FlowiseAI Flowise.\\n          Authentication is not required to exploit this vulnerability.\\n\\n          The specific flaw exists within the run method of the CSV_Agents class.\\n          The issue results from the lack of proper sandboxing when evaluating an LLM generated python script.\\n          An attacker can leverage this vulnerability to execute code in the context of the user running the server.\", \"disclosure_date\": \"2026-04-22\", \"fullname\": \"exploit/multi/http/flowise_auth_rce_cve_2026_41264\", \"is_install_path\": true, \"mod_time\": \"2026-06-06 12:25:07 +0000\", \"name\": \"Flowise CSV Agent Prompt Injection RCE\", \"needs_cleanup\": null, \"notes\": {\"Reliability\": [\"repeatable-session\"], \"SideEffects\": [\"ioc-in-logs\"], \"Stability\": [\"crash-safe\"]}, \"path\": \"/modules/exploits/multi/http/flowise_auth_rce_cve_2026_41264.rb\", \"platform\": \"Linux,Unix,Windows\", \"post_auth\": false, \"rank\": 600, \"ref_name\": \"multi/http/flowise_auth_rce_cve_2026_41264\", \"references\": [\"CVE-2026-41264\", \"GHSA-3hjv-c53m-58jj\"], \"rport\": 3000, \"session_types\": false, \"targets\": [\"Linux Command\", \"Windows Command\"], \"type\": \"exploit\"}", "creation_timestamp": "2026-07-05T07:55:59.725929Z"}, {"uuid": "8db89b68-e1c0-46c6-8410-856394f71abe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41264", "type": "seen", "source": "https://bsky.app/profile/cybernewsroom.bsky.social/post/3mqdjf6uyrm2p", "content": "CVE-2026-41264: FlowiseAI's Deep Flaw Offers Attackers Arbitrary Code Execution #CVE2026 #CyberSecurity #Vulnerability", "creation_timestamp": "2026-07-11T01:32:59.618546Z"}, {"uuid": "8f55eec6-40a9-452e-ad14-e67073622a4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41264", "type": "seen", "source": "https://bsky.app/profile/cybernewsroom.bsky.social/post/3mqdjfcsjhg2o", "content": "CVE-2026-41264 and CVE-2024-27822: Flawed Protections Expose Real Threats #CVE2026 #CVE2024 #CyberSecurity", "creation_timestamp": "2026-07-11T01:33:03.434249Z"}, {"uuid": "db25d551-21af-4432-8e67-1070c48feff9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41264", "type": "seen", "source": "https://bsky.app/profile/cybernewsroom.bsky.social/post/3mqdjfgcx4g2o", "content": "CVE-2024-27822 and CVE-2026-41264 Expose Flaws in FlowiseAI and macOS \u2013 Who's Counting the Costs? #CVE2024 #CVE2026 #FlowiseAI", "creation_timestamp": "2026-07-11T01:33:07.177134Z"}, {"uuid": "6227aa2b-cf53-4ff1-9b5b-614c9fdff6ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41264", "type": "seen", "source": "https://bsky.app/profile/cybernewsroom.bsky.social/post/3mqdjfjxcqo2o", "content": "CVE-2026-41264 Exposes FlowiseAI CSV Agent to Unauthenticated Attacks #CVE2026 #FlowiseAI #CyberSecurity", "creation_timestamp": "2026-07-11T01:33:11.535370Z"}, {"uuid": "23f1dc4b-9cb3-49ec-8ed4-8e3a1d8b4c68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41264", "type": "seen", "source": "https://bsky.app/profile/cybernewsroom.bsky.social/post/3mqdjfnoyfi22", "content": "CVE-2026-41264: FlowiseAI's New Exploit Highlights Persistent Security Gaps #CVE2026 #FlowiseAI #CyberSecurity", "creation_timestamp": "2026-07-11T01:33:15.104252Z"}]}