A vulnerability classified as critical was found in FlowiseAI Flowise up to 3.1.2 . The impacted element is an unknown function of the file packages/components/nodes/documentloaders/S3/S3.ts of the component S3 Document Loader . Executing a manipulation can lead to path traversal. This vulnerability is registered as CVE-2026-12821 . It is possible to launch the attack remotely. Furthermore, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any w