A vulnerability, which was classified as critical , has been found in FlowiseAI Flowise up to 3.0.x . This affects the function CSV_Agents . The manipulation leads to incomplete blacklist. This vulnerability is listed as CVE-2026-41264 . The attack may be initiated remotely. There is no available exploit. It is advisable to upgrade the affected component.