Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/50746?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50746?format=api", "vulnerability_id": "VCID-kzee-t93b-jyg7", "summary": "Flowise has Arbitrary File Upload via MIME Spoofing\n---\n\n**1. Root Cause**\nThe vulnerability stems from relying solely on the MIME type without cross-validating the file extension or actual content. This allows attackers to upload executable files (e.g., `.js`, `.php`) or malicious scripts (`.html`) by masquerading them as benign images or documents.\n\n**2. Key Attack Scenarios**\n\n- **Server Compromise (RCE):** An attacker uploads a **Web Shell** and triggers its execution on the server. Successful exploitation grants system privileges, allowing unauthorized access to internal data and full control over the server.\n- **Client-Side Attack (Stored XSS):** An attacker uploads files containing malicious scripts (e.g., HTML, SVG). When a victim views the file, the script executes within their browser, leading to session cookie theft and account takeover.\n\n**3. Impact**\nThis vulnerability is rated as **High** severity. The risk is particularly critical if the system utilizes shared storage (e.g., S3, GCS) or static hosting features, as the compromise could spread to the entire infrastructure and affect other tenants.", "aliases": [ { "alias": "CVE-2026-30821" }, { "alias": "GHSA-j8g8-j7fc-43v6" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74477?format=api", "purl": "pkg:npm/flowise@3.0.13", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/flowise@3.0.13" } ], "affected_packages": [], "references": [ { "reference_url": "https://github.com/FlowiseAI/Flowise", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/FlowiseAI/Flowise" }, { "reference_url": "https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.13", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.13" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-30821", "reference_id": "CVE-2026-30821", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-30821" }, { "reference_url": "https://github.com/advisories/GHSA-j8g8-j7fc-43v6", "reference_id": "GHSA-j8g8-j7fc-43v6", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-j8g8-j7fc-43v6" }, { "reference_url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-j8g8-j7fc-43v6", "reference_id": "GHSA-j8g8-j7fc-43v6", "reference_type": "", "scores": [], "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-j8g8-j7fc-43v6" } ], "weaknesses": [ { "cwe_id": 434, "name": "Unrestricted Upload of File with Dangerous Type", "description": "The product allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." }, { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." } ], "exploits": [], "severity_range_score": null, "exploitability": null, "weighted_severity": null, "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kzee-t93b-jyg7" }