An attacker is able to steal secrets and potentially gain remote code execution via CSRF using a self-hosted, open source Prefect API.
"https://github.com/pypa/advisory-database/blob/main/vulns/prefect/PYSEC-2026-1799.yaml"