2 matches found
CVE-2026-32311
Flowsint is affected by a high-severity vulnerability in which an attacker can create a sketch and trigger the org_to_asn transformer on an organization node to execute arbitrary OS commands as root on the host via shell metacharacters and a Docker container escape. The issue pertains to the tran...
CVE-2026-42159
CVE-2026-42159 affects Flowsint, an open-source OSINT graph exploration tool. A remote attacker can create a node whose description contains arbitrary HTML; when selected, the node renders that HTML and may trigger stored XSS. The issue resides in sketches and their nodes/relationships where desc...