CVE-2025-34267

9.9 CRITICAL

📋 TL;DR

Flowise versions 3.0.1 through 3.0.7 and all later versions with 'ALLOW_BUILTIN_DEP' enabled contain an authenticated remote code execution vulnerability. An authenticated attacker can create or run tools using Puppeteer/Playwright to specify malicious browser binary paths and parameters, escaping the nodevm sandbox and executing arbitrary code on the host system. This affects Flowise installations with the vulnerable configuration enabled.

💻 Affected Systems

Products:
  • Flowise
Versions: v3.0.1 through v3.0.7, and all later versions with ALLOW_BUILTIN_DEP enabled
Operating Systems: All operating systems running Flowise
Default Config Vulnerable: ✅ No
Notes: Vulnerability only exists when ALLOW_BUILTIN_DEP environment variable is enabled. Default installations are not vulnerable.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system compromise with attacker gaining full control of the host machine, data exfiltration, lateral movement, and persistent backdoor installation.

🟠

Likely Case

Authenticated attackers with tool creation/execution privileges achieve remote code execution, potentially compromising sensitive data and system integrity.

🟢

If Mitigated

Limited impact if proper authentication controls, network segmentation, and monitoring are in place to detect and block exploitation attempts.

🌐 Internet-Facing: HIGH
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires authenticated access with permissions to create/run tools. The vulnerability is well-documented in security advisories.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: v3.0.8

Vendor Advisory: https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-5w3r-f6gm-c25w

Restart Required: Yes

Instructions:

1. Update Flowise to version 3.0.8 or later.
2. Restart the Flowise service.
3. Verify the update was successful by checking the version.

🔧 Temporary Workarounds

Disable ALLOW_BUILTIN_DEP

all

Disable the vulnerable configuration option that enables built-in dependencies

export ALLOW_BUILTIN_DEP=false
unset ALLOW_BUILTIN_DEP

Restrict Tool Creation Permissions

all

Limit user permissions to prevent creation/execution of tools using Puppeteer/Playwright

🧯 If You Can't Patch

  • Disable ALLOW_BUILTIN_DEP environment variable immediately
  • Implement strict network segmentation and firewall rules to isolate Flowise instances

🔍 How to Verify

Check if Vulnerable:

Check the Flowise version and verify whether ALLOW_BUILTIN_DEP is enabled. Vulnerable if the version is between 3.0.1 and 3.0.7 OR any version with ALLOW_BUILTIN_DEP=true.

Check Version:

Check Flowise UI dashboard or application logs for version information

Verify Fix Applied:

Confirm Flowise version is 3.0.8 or later and ALLOW_BUILTIN_DEP is disabled or not set.
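
The check above as a small script (an added example, not code from Flowise or the advisory). The function names are hypothetical, and it assumes the flag counts as enabled only when its value is "true" in any letter case, as written in ALLOW_BUILTIN_DEP=true above. It reads the flag from the service's own environment rather than the administrator's shell.

```sh
#!/bin/sh
# Added example (not Flowise code): apply this page's "Check if Vulnerable" rule.

# Convert MAJOR.MINOR.PATCH (optional leading "v", optional -suffix) to an integer.
ver_num() {
  v=${1#v}; v=${v%%[-+]*}
  case $v in *[!0-9.]*|''|.*|*.|*..*) return 1 ;; esac
  old_ifs=$IFS; IFS=.; set -- $v; IFS=$old_ifs
  [ $# -eq 3 ] || return 1
  echo $(( $1 * 1000000 + $2 * 1000 + $3 ))
}

# Read ALLOW_BUILTIN_DEP from a NUL-separated environ file such as
# /proc/<pid>/environ, i.e. the value the running service actually sees.
flag_from_environ() {
  tr '\0' '\n' < "$1" | sed -n 's/^ALLOW_BUILTIN_DEP=//p' | tail -n 1
}

# Usage: flowise_status VERSION [FLAG_VALUE]
flowise_status() {
  n=$(ver_num "$1") || { echo unknown-version; return 0; }
  # Assumption: only the value "true" (any case) enables the option.
  flag=$(printf '%s' "${2:-}" | tr '[:upper:]' '[:lower:]')
  if [ "$n" -ge 3000001 ] && [ "$n" -le 3000007 ]; then
    echo vulnerable-version      # 3.0.1 through 3.0.7: update to 3.0.8
  elif [ "$flag" = true ]; then
    echo vulnerable-config       # ALLOW_BUILTIN_DEP=true on any version
  else
    echo not-vulnerable
  fi
}

# Constructed sample: a patched instance whose process still has the flag set.
demo() {
  f=$(mktemp)
  printf 'NODE_ENV=production\0ALLOW_BUILTIN_DEP=true\0PORT=3000\0' > "$f"
  flowise_status "3.0.8" "$(flag_from_environ "$f")"
  rm -f "$f"
}
demo   # prints: vulnerable-config
```

Running `export ALLOW_BUILTIN_DEP=false` or `unset ALLOW_BUILTIN_DEP` in an interactive shell does not change a service that is already running, which is why the script inspects the process environment and why the restart step matters.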

📡 Detection & Monitoring

Log Indicators:

  • Unusual tool execution patterns
  • Puppeteer/Playwright executions with custom binary paths
  • Authentication logs showing suspicious user activity

Network Indicators:

  • Unexpected outbound connections from Flowise host
  • Command and control traffic patterns

SIEM Query:

source="flowise" AND (event="tool_execution" OR event="puppeteer_exec" OR event="playwright_exec") AND (binary_path!="/usr/bin/chromium" AND binary_path!="/usr/bin/chrome")
