Browse all 7 CVE security advisories affecting PrefectHQ. AI-powered Chinese analysis, POCs, and references for each vulnerability.
PrefectHQ is an orchestration platform for data workflows, commonly used for automating complex data pipelines. Historically, vulnerabilities have included remote code execution, cross-site scripting, and privilege escalation, often stemming from improper input validation and access control flaws. The platform has faced security incidents, including a 2021 vulnerability (CVE-2021-23363) allowing unauthorized access to sensitive information due to insecure default configurations. While recent security posture appears improved, organizations should implement strict network segmentation and regular audits to mitigate risks associated with its complex deployment model.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-32871 | FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability — fastmcpCWE-918 | 9.1AI | CriticalAI | 2026-04-02 |
This page lists every published CVE security advisory associated with PrefectHQ. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.