Berabuddies Agentflow
2 CVEs affecting Berabuddies Agentflow. Latest disclosed: 2026-04-29. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-7466 | High | 8.8 | 2026-04-29 | AgentFlow contains an arbitrary code execution vulnerability that allows attackers to execute local Python pipeline files by supplying a user-controlled pipeli… |
CVE-2026-7439 | Medium | 4.4 | 2026-04-29 | AgentFlow's local web API accepts non-JSON content types on POST /api/runs and POST /api/runs/validate endpoints without enforcing application/json validation… |