Exploit for Code Injection in Flowiseai Flowise

🗓️ 13 Apr 2026 21:06:26Reported by vanhariType

githubexploit

githubexploit🔗 github.com👁 224 Views

CVE-2025-59528 allows remote code execution in Flowise 3.0.5 via unsafe evaluation in the customMCP node.

Reporter	Title	Published	Views	Family All 40
GithubExploit	Exploit for Code Injection in Flowiseai Flowise	15 Apr 202606:28	–	githubexploit
GithubExploit	Exploit for Missing Authentication for Critical Function in Flowiseai Flowise	10 May 202607:11	–	githubexploit
GithubExploit	Exploit for Code Injection in Flowiseai Flowise	13 Apr 202611:32	–	githubexploit
GithubExploit	Exploit for Code Injection in Flowiseai Flowise	9 Jun 202600:31	–	githubexploit
GithubExploit	Exploit for Code Injection in Flowiseai Flowise	1 May 202617:20	–	githubexploit
GithubExploit	Exploit for Missing Authentication for Critical Function in Flowiseai Flowise	14 Apr 202606:50	–	githubexploit
GithubExploit	Exploit for Code Injection in Flowiseai Flowise	2 Nov 202507:39	–	githubexploit
GithubExploit	Exploit for Missing Authentication for Critical Function in Flowiseai Flowise	13 Apr 202601:54	–	githubexploit
GithubExploit	Exploit for Missing Authentication for Critical Function in Flowiseai Flowise	14 May 202621:15	–	githubexploit
GithubExploit	Exploit for Code Injection in Flowiseai Flowise	16 May 202618:06	–	githubexploit

13 Apr 2026 23:02Current

6.5Medium risk

Vulners AI Score6.5

CVSS 3.110

EPSS0.90183

SSVC

flowise custom node remote code execution vulnerability