📦 Flowise
by Flowiseai
⚠️ Known Vulnerabilities
Flowise versions 3.0.1 through 3.0.7 and all later versions with 'ALLOW_BUILTIN_DEP' enabled contain an authenticated remote code execution vulnerability. An authenticated attacker can create or run t...
This vulnerability in Flowise allows authenticated attackers to read and write arbitrary files anywhere on the file system due to insufficient path restrictions in WriteFileTool and ReadFileTool compo...
Flowise versions 3.0.5 and below contain a critical remote code execution vulnerability in the CustomMCP node. Attackers can execute arbitrary JavaScript code with full Node.js privileges by manipulat...
This vulnerability in Flowise allows unauthenticated attackers to generate password reset tokens for any user account, leading to complete account takeover. It affects both cloud-hosted and self-hoste...
FlowiseAI Flowise v2.2.6 contains an arbitrary file upload vulnerability in the /api/v1/attachments endpoint that allows attackers to upload malicious files without proper validation. This affects all...
An authentication bypass vulnerability in Flowise version 1.8.2 allows remote unauthenticated attackers to access administrator API endpoints and restricted functionality. This affects all deployments...
FlowiseAI version 3.0.7 contains a file upload vulnerability that allows authenticated users to upload arbitrary files without validation. This enables attackers to store malicious Node.js web shells ...
This Cross-Site Scripting (XSS) vulnerability in Flowise allows attackers to inject malicious scripts via FORM and INPUT elements in chat logs. When an admin views these logs, the scripts execute in t...
This Server-Side Request Forgery (SSRF) vulnerability in Flowise version 3.0.5 allows attackers to use the application server as a proxy to access internal network services and explore their link stru...
Flowise versions up to 2.2.3 contain a SQL injection vulnerability in the Postgres_VectorStores component via the tableName parameter. This allows attackers to execute arbitrary SQL commands on the da...
Flowise version 1.4.3 has a CORS misconfiguration that allows arbitrary origins to connect to the website, potentially enabling cross-origin attacks. When combined with a path injection vulnerability,...
This vulnerability allows remote attackers to execute arbitrary code on FlowiseAI installations by sending crafted scripts to the api/v1 component. It affects FlowiseAI Flowise versions 1.6.2 and earl...
CVE-2025-57164 allows remote code execution in Flowise AI platforms through unsanitized user input in the Supabase RPC Filter field. Attackers can execute arbitrary code on vulnerable Flowise instance...
Flowise version 1.4.3 has a reflected cross-site scripting vulnerability in the /api/v1/credentials/id endpoint that allows attackers to inject malicious JavaScript via crafted URLs. This can lead to ...
Flowise version 1.4.3 has a reflected cross-site scripting vulnerability in the /api/v1/public-chatflows/id endpoint that allows attackers to inject malicious JavaScript via crafted URLs. This can lea...