Lucene search
K

5 matches found

Cvelist
Cvelist
added 2026/06/08 3:30 p.m.49 views

CVE-2026-46443 Flowise: Credential Data Leak

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, when credentials are fetched with a credentialName filter parameter, the encryptedData field is not stripped from the response. The code properly omits encryptedData when no filter is...

7CVSS0.00271EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2026/05/14 2:58 p.m.11 views

FlowiseAI Vulnerable to Credential Data Leak

Severity: HIGH CVSS 7.5 Type: CWE-200 Exposure of Sensitive Information File: packages/server/src/services/credentials/index.ts:62-71 Description: When credentials are fetched with a credentialName filter parameter, the encryptedData field is NOT stripped from the response. The code properly omit...

7CVSS5.9AI score0.00271EPSS
Exploits1References4Affected Software1
Patchstack
Patchstack
added 2026/05/14 2:58 p.m.13 views

NPM: FlowiseAI Vulnerable to Credential Data Leak

NPM: FlowiseAI Vulnerable to Credential Data Leak vulnerability discovered by ? in WordPress Npm flowise versions = 3.1.1...

5.8AI score0.00271EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2026/05/14 2:58 p.m.7 views

GHSA-7G73-99R4-M4MJ FlowiseAI Vulnerable to Credential Data Leak

Severity: HIGH CVSS 7.5 Type: CWE-200 Exposure of Sensitive Information File: packages/server/src/services/credentials/index.ts:62-71 Description: When credentials are fetched with a credentialName filter parameter, the encryptedData field is NOT stripped from the response. The code properly omit...

7CVSS5.9AI score0.00271EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/02/11 7:44 p.m.5 views

CVE-2026-1603

An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allows a remote unauthenticated attacker to leak specific stored credential data...

8.6CVSS5.6AI score0.81089EPSS
Exploits0References1
Rows per page
Query Builder