It takes one file. A single chatflow import, the kind Flowise users share routinely, can give an attacker full command execution on the server running the application. The vulnerability, tracked as ...