Lucene search
+L

5 matches found

euvd
euvd
added 2026/06/26 12:32 a.m.8 views

EUVD-2025-210336

Flowise before 3.0.6 contains an arbitrary file read vulnerability in the chatId parameter of the /api/v1/get-upload-file and /api/v1/openai-assistants-file/download endpoints. The chatId value is not validated and is passed to streamStorageFile, where a fallback file-lookup path constructed...

8.7CVSS6AI score0.00346EPSS
Exploits1References3
nvd
nvd
added 2026/06/25 10:16 p.m.9 views

CVE-2025-71324

Flowise before 3.0.6 contains an arbitrary file read vulnerability in the chatId parameter of the /api/v1/get-upload-file and /api/v1/openai-assistants-file/download endpoints. The chatId value is not validated and is passed to streamStorageFile, where a fallback file-lookup path constructed...

8.7CVSS0.00346EPSS
Exploits1References2
osv
osv
added 2026/06/25 9:41 p.m.1 views

CVE-2025-71324 Flowise - Arbitrary File Read via chatId Parameter

Flowise before 3.0.6 contains an arbitrary file read vulnerability in the chatId parameter of the /api/v1/get-upload-file and /api/v1/openai-assistants-file/download endpoints. The chatId value is not validated and is passed to streamStorageFile, where a fallback file-lookup path constructed...

8.7CVSS6.1AI score0.00346EPSS
Exploits1References4
cvelist
cvelist
added 2026/06/25 9:41 p.m.22 views

CVE-2025-71324 Flowise - Arbitrary File Read via chatId Parameter

Flowise before 3.0.6 contains an arbitrary file read vulnerability in the chatId parameter of the /api/v1/get-upload-file and /api/v1/openai-assistants-file/download endpoints. The chatId value is not validated and is passed to streamStorageFile, where a fallback file-lookup path constructed...

8.7CVSS0.00346EPSS
Exploits1References2
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2006-3965

Malware in sbrugna...

5CVSS6.4AI score0.03365EPSS
Exploits1References7
Rows per page
Query Builder