Lucene search
K

8 matches found

NVD
NVD
added 2 days ago8 views

CVE-2026-56271

Flowise before 3.1.0 affected versions 3.0.13 and earlier uses weak hardcoded default JWT secrets 'authtoken', 'refreshtoken' and default audience and issuer values 'AUDIENCE', 'ISSUER' in the enterprise passport authentication middleware packages/server/src/enterprise/middleware/passport/index.t...

9.8CVSS0.00396EPSS
Exploits0References2
EUVD
EUVD
added 2 days ago7 views

EUVD-2026-43228

Flowise before 3.1.0 affected versions 3.0.13 and earlier uses weak hardcoded default JWT secrets 'authtoken', 'refreshtoken' and default audience and issuer values 'AUDIENCE', 'ISSUER' in the enterprise passport authentication middleware packages/server/src/enterprise/middleware/passport/index.t...

9.8CVSS6.1AI score0.00396EPSS
Exploits0References2
OSV
OSV
added 2 days ago3 views

CVE-2026-56271 Flowise - Weak Default JWT Secrets in Authentication Middleware

Flowise before 3.1.0 affected versions 3.0.13 and earlier uses weak hardcoded default JWT secrets 'authtoken', 'refreshtoken' and default audience and issuer values 'AUDIENCE', 'ISSUER' in the enterprise passport authentication middleware packages/server/src/enterprise/middleware/passport/index.t...

9.3CVSS6.1AI score0.00396EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2 days ago7 views

PT-2026-57552

Name of the Vulnerable Software and Affected Versions Flowise versions prior to 3.1.0 Description The enterprise passport authentication middleware in packages/server/src/enterprise/middleware/passport/index.ts uses weak hardcoded default secrets and values for audience and issuer. When the...

9.8CVSS6.1AI score0.00396EPSS
Exploits0References8
CNVD
CNVD
added 2025/03/25 12:0 a.m.18 views

IIOP Deserialization Remote Code Execution Vulnerability in Kingdee Apusic Application Server of Kingdee Software (China) Co.

Kingdee Apusic Application Server AAS is an enterprise-level middleware, which fully supports JakartaEE specification, provides Web, EJB, WebService containers, and adapts to domestic hardware and software, and is used to support the operation of enterprise-level applications. A remote code...

8.2AI score
Exploits0
CNNVD
CNNVD
added 2025/02/27 12:0 a.m.5 views

IBM EntireX 安全漏洞

IBM EntireX is a versatile middleware solution from International Business Machines IBM designed to facilitate seamless integration between core enterprise applications and modern applications. A security vulnerability exists in IBM EntireX version 11.1, which stems from a security issue that can...

3.3CVSS6.2AI score0.00135EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/02/27 12:0 a.m.6 views

IBM EntireX 安全漏洞

IBM EntireX is a versatile middleware solution from International Business Machines IBM designed to facilitate seamless integration between core enterprise applications and modern applications. A security vulnerability exists in IBM EntireX 11.1 that stems from improper synchronization of shared...

3.3CVSS6.4AI score0.00104EPSS
Exploits0References3
Qualys Blog
Qualys Blog
added 2020/10/15 6:53 p.m.35 views

Auto-Discover and Secure Middleware Instances in Your Environment

Enterprise middleware plays a critical role in bringing together many moving parts within an organization, ensuring efficient collaboration, seamless integration and interoperability. A systematic evaluation of middleware architectures is important to thoroughly assess the overall security and...

0.1AI score
Exploits0
Rows per page
Query Builder