8 matches found
CVE-2026-56271
Flowise before 3.1.0 affected versions 3.0.13 and earlier uses weak hardcoded default JWT secrets 'authtoken', 'refreshtoken' and default audience and issuer values 'AUDIENCE', 'ISSUER' in the enterprise passport authentication middleware packages/server/src/enterprise/middleware/passport/index.t...
EUVD-2026-43228
Flowise before 3.1.0 affected versions 3.0.13 and earlier uses weak hardcoded default JWT secrets 'authtoken', 'refreshtoken' and default audience and issuer values 'AUDIENCE', 'ISSUER' in the enterprise passport authentication middleware packages/server/src/enterprise/middleware/passport/index.t...
CVE-2026-56271 Flowise - Weak Default JWT Secrets in Authentication Middleware
Flowise before 3.1.0 affected versions 3.0.13 and earlier uses weak hardcoded default JWT secrets 'authtoken', 'refreshtoken' and default audience and issuer values 'AUDIENCE', 'ISSUER' in the enterprise passport authentication middleware packages/server/src/enterprise/middleware/passport/index.t...
PT-2026-57552
Name of the Vulnerable Software and Affected Versions Flowise versions prior to 3.1.0 Description The enterprise passport authentication middleware in packages/server/src/enterprise/middleware/passport/index.ts uses weak hardcoded default secrets and values for audience and issuer. When the...
IIOP Deserialization Remote Code Execution Vulnerability in Kingdee Apusic Application Server of Kingdee Software (China) Co.
Kingdee Apusic Application Server AAS is an enterprise-level middleware, which fully supports JakartaEE specification, provides Web, EJB, WebService containers, and adapts to domestic hardware and software, and is used to support the operation of enterprise-level applications. A remote code...
IBM EntireX 安全漏洞
IBM EntireX is a versatile middleware solution from International Business Machines IBM designed to facilitate seamless integration between core enterprise applications and modern applications. A security vulnerability exists in IBM EntireX version 11.1, which stems from a security issue that can...
IBM EntireX 安全漏洞
IBM EntireX is a versatile middleware solution from International Business Machines IBM designed to facilitate seamless integration between core enterprise applications and modern applications. A security vulnerability exists in IBM EntireX 11.1 that stems from improper synchronization of shared...
Auto-Discover and Secure Middleware Instances in Your Environment
Enterprise middleware plays a critical role in bringing together many moving parts within an organization, ensuring efficient collaboration, seamless integration and interoperability. A systematic evaluation of middleware architectures is important to thoroughly assess the overall security and...