Taskflow Ai

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2026-5831 MEDIUM PATCH This Month

Remote OS command injection in Agions taskflow-ai up to version 2.1.8 allows authenticated remote attackers to execute arbitrary operating system commands via manipulation of the terminal_execute component in src/mcp/server/handlers.ts, with CVSS 6.3 reflecting moderate severity. Vendor-released patch is available in version 2.1.9 (commit c1550b445b9f24f38c4414e9a545f5f79f23a0fe), and the vendor responded promptly to early notification.

AI / ML Command Injection RCE Taskflow Ai

NVD VulDB GitHub

CVSS 4.0

5.3

EPSS

0.7%

CVE-2026-5831

EPSS 1% CVSS 5.3

MEDIUM PATCH This Month

Remote OS command injection in Agions taskflow-ai up to version 2.1.8 allows authenticated remote attackers to execute arbitrary operating system commands via manipulation of the terminal_execute component in src/mcp/server/handlers.ts, with CVSS 6.3 reflecting moderate severity. Vendor-released patch is available in version 2.1.9 (commit c1550b445b9f24f38c4414e9a545f5f79f23a0fe), and the vendor responded promptly to early notification.

AI / ML Command Injection RCE +1

NVD VulDB GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy