8 matches found
OpenClaude Sandbox Bypass via Model-Controlled `dangerouslyDisableSandbox` Input
Summary The dangerouslyDisableSandbox parameter is exposed as part of the BashTool input schema, meaning the LLM an untrusted principal per the project's own threat model can set it to true in any tooluse response. Combined with the default allowUnsandboxedCommands: true setting, a prompt-injecte...
GHSA-M77W-P5JJ-XMHG OpenClaude Sandbox Bypass via Model-Controlled `dangerouslyDisableSandbox` Input
Summary The dangerouslyDisableSandbox parameter is exposed as part of the BashTool input schema, meaning the LLM an untrusted principal per the project's own threat model can set it to true in any tooluse response. Combined with the default allowUnsandboxedCommands: true setting, a prompt-injecte...
VulnCheck KEV: CVE-2025-8943
The Custom MCPs feature is designed to execute OS commands, for instance, using tools like npx to spin up local MCP Servers. However, Flowise's inherent authentication and authorization model is minimal and lacks role-based access controls RBAC. Furthermore, in Flowise versions before 3.0.1 the...
EUVD-2025-24801
Malicious code in bioql PyPI...
GHSA-6933-JPX5-Q87Q Flowise has unsandboxed remote code execution via Custom MCP
Summary The Custom MCPs feature is designed to execute OS commands, for instance, using tools like npx to spin up local MCP Servers. However, Flowise's inherent authentication and authorization model is minimal and lacks role-based access controls RBAC. Furthermore, the default installation of...
Flowise OS command remote code execution
The Custom MCPs feature is designed to execute OS commands, for instance, using tools like npx to spin up local MCP Servers. However, Flowise's inherent authentication and authorization model is minimal and lacks role-based access controls RBAC. Furthermore, in Flowise versions before 3.0.1 the...
Flowise 安全漏洞
Flowise is a FlowiseAI open source tool for easily building LLM applications. A security vulnerability exists in versions prior to Flowise 3.0.1 that stems from the lack of authentication and role-based access control in the default installation, which could lead to the execution of un-sandboxed ...
SUSE-SU-2023:1712-1 Security update for flatpak
This update for flatpak fixes the following issues: - CVE-2023-28101: Fixed misleading terminal output with metadata with ANSI control codes bsc1209410. - CVE-2023-28100: Fixed unsandboxed TIOCLINUX commands bsc1209411...