Lucene search
K

48 matches found

Cvelist
Cvelist
added 2026/06/25 9:41 p.m.20 views

CVE-2025-71334 Flowise - Arbitrary File Access via Missing Chat Flow ID Validation

Flowise before 3.0.6 affected versions 2.2.8 and earlier contains an arbitrary file access vulnerability due to missing validation that the chatflowId and chatId parameters are UUIDs or numbers in file handling operations. By supplying a path-traversal value e.g., '../../../../../tmp' as the...

9.8CVSS0.0086EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.14 views

PT-2026-52613

Name of the Vulnerable Software and Affected Versions Flowise versions prior to 3.0.6 Description Missing validation of the chatflowId and chatId parameters in file handling operations allows unauthenticated attackers to perform arbitrary file access. By using path-traversal values, an attacker c...

9.8CVSS6.1AI score0.0086EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2026/06/24 11:53 a.m.5 views

CVE-2025-71332

Flowise through 2.2.7 contains a SQL injection vulnerability in the importChatflows API. Due to insufficient validation of the chatflow.id value, an authenticated user can supply a crafted JSON import file whose id field is concatenated unsanitized into a SQL IN clause, allowing arbitrary SQL to ...

8.8CVSS6AI score0.00283EPSS
Exploits1References3
CVE
CVE
added 2026/06/24 11:53 a.m.6 views

CVE-2025-71332

Flowise 2.2.7 contains a SQL injection in the importChatflows API triggered by unsanitized chatflow.id in a JSON import file. An authenticated user can craft the id field so it is concatenated into a SQL IN clause, enabling arbitrary SQL execution and extraction of data from the credential table ...

8.8CVSS6AI score0.00283EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2026/06/24 11:53 a.m.33 views

CVE-2025-71332 Flowise - SQL Injection in importChatflows API via chatflow.id Parameter

Flowise through 2.2.7 contains a SQL injection vulnerability in the importChatflows API. Due to insufficient validation of the chatflow.id value, an authenticated user can supply a crafted JSON import file whose id field is concatenated unsanitized into a SQL IN clause, allowing arbitrary SQL to ...

8.5CVSS0.00283EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/06/23 12:13 p.m.5 views

CVE-2026-56274

Flowise before 3.1.2 contains multiple OS command injection vulnerabilities in the Custom MCP Server feature due to incomplete command-flag validation and a regex bypass in local file access restrictions. An attacker with a Flowise account of any role, or API access with view/update permissions f...

9.9CVSS6.2AI score0.02683EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/06/22 9:4 p.m.5 views

CVE-2026-56268

Flowise before 3.1.2 contains an information disclosure vulnerability in the /api/v1/chatflows/apikey/:apikey endpoint. When the keyonly query parameter is omitted the default, the endpoint returns not only the chatflows bound to the supplied API key but also all chatflows across every workspace...

7.7CVSS5.9AI score0.00281EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/06/22 9:4 p.m.23 views

CVE-2026-56268 Flowise - Cross-Workspace Information Disclosure via chatflows/apikey Endpoint

Flowise before 3.1.2 contains an information disclosure vulnerability in the /api/v1/chatflows/apikey/:apikey endpoint. When the keyonly query parameter is omitted the default, the endpoint returns not only the chatflows bound to the supplied API key but also all chatflows across every workspace...

7.7CVSS0.00281EPSS
Exploits1References2
EUVD
EUVD
added 2026/06/22 9:4 p.m.6 views

EUVD-2026-38367

Flowise before 3.1.2 contains an information disclosure vulnerability in the /api/v1/chatflows/apikey/:apikey endpoint. When the keyonly query parameter is omitted the default, the endpoint returns not only the chatflows bound to the supplied API key but also all chatflows across every workspace...

7.7CVSS5.9AI score0.00281EPSS
Exploits1References2
CVE
CVE
added 2026/06/22 9:4 p.m.9 views

CVE-2026-56268

Flowise ≤ 3.1.1 is vulnerable via /api/v1/chatflows/apikey/:apikey. The keyonly parameter omission returns chatflows bound to the API key plus unprotected chatflows across all workspaces (no workspace filter). attacker with valid API key can read full ChatFlow configuration (flowData with system ...

7.7CVSS5.9AI score0.00281EPSS
Exploits1References2Affected Software1
Patchstack
Patchstack
added 2026/05/20 3:45 p.m.15 views

NPM: Flowise: Cross-Workspace Chatflow Disclosure via chatflows/apikey Endpoint Returns All Unprotected Chatflows

NPM: Flowise: Cross-Workspace Chatflow Disclosure via chatflows/apikey Endpoint Returns All Unprotected Chatflows vulnerability discovered by ? in WordPress Npm flowise versions = 3.1.1...

5.8AI score
Exploits0References2Affected Software1
OSV
OSV
added 2026/05/20 3:45 p.m.6 views

GHSA-C2C9-MFW7-P8HW Flowise: Cross-Workspace Chatflow Disclosure via chatflows/apikey Endpoint Returns All Unprotected Chatflows

Summary The /api/v1/chatflows/apikey/:apikey endpoint whitelisted, accessible with API key auth only returns all chatflows bound to the provided API key AND all chatflows across the entire system that have no API key assigned. This crosses workspace boundaries, allowing a user in Workspace A who...

5.3CVSS5.8AI score0.00281EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2026/05/20 3:45 p.m.24 views

Flowise: Cross-Workspace Chatflow Disclosure via chatflows/apikey Endpoint Returns All Unprotected Chatflows

Summary The /api/v1/chatflows/apikey/:apikey endpoint whitelisted, accessible with API key auth only returns all chatflows bound to the provided API key AND all chatflows across the entire system that have no API key assigned. This crosses workspace boundaries, allowing a user in Workspace A who...

7.7CVSS5.8AI score0.00281EPSS
Exploits1References2Affected Software1
Snyk
Snyk
added 2026/05/14 2:57 p.m.11 views

Incomplete List of Disallowed Inputs

Overview flowise is a Flowiseai Server Affected versions of this package are vulnerable to Incomplete List of Disallowed Inputs inadequate input validation in the validateCommandFlags and validateArgsForLocalFileAccess functions. An attacker can execute arbitrary commands on the server by bypassi...

8.8CVSS6.1AI score
Exploits0References2
Snyk
Snyk
added 2026/05/14 2:57 p.m.13 views

Incomplete List of Disallowed Inputs

Overview flowise-components is a Flowiseai Components Affected versions of this package are vulnerable to Incomplete List of Disallowed Inputs inadequate input validation in the validateCommandFlags and validateArgsForLocalFileAccess functions. An attacker can execute arbitrary commands on the...

8.8CVSS6.1AI score
Exploits0References2
Snyk
Snyk
added 2026/05/14 2:54 p.m.8 views

Improperly Controlled Modification of Dynamically-Determined Object Attributes

Overview flowise is a Flowiseai Server Affected versions of this package are vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes over the /api/v1/chatflows endpoint. A user can gain unauthorized access to and modify sensitive attributes, such as deployment...

7.6CVSS5.8AI score0.00268EPSS
Exploits1References3
CNVD
CNVD
added 2026/04/24 12:0 a.m.12 views

Flowise Information Disclosure Vulnerability

Flowise is a FlowiseAI open source tool for easily building LLM applications. Flowise suffers from an information disclosure vulnerability caused by a flaw in the /api/v1/public-chatflows/:id endpoint that can be exploited by an attacker to obtain sensitive information...

8.7CVSS5.7AI score0.00421EPSS
Exploits1
NVD
NVD
added 2026/04/23 8:16 p.m.5 views

CVE-2026-41278

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the GET /api/v1/public-chatflows/:id endpoint returns the full chatflow object without sanitization for public chatflows. Docker validation revealed this is worse than initially assessed: the...

8.7CVSS0.00421EPSS
Exploits1References1
NVD
NVD
added 2026/04/23 8:16 p.m.7 views

CVE-2026-41273

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, Flowise contains an authentication bypass vulnerability that allows an unauthenticated attacker to obtain OAuth 2.0 access tokens associated with a public chatflow. By accessing a public...

8.2CVSS0.00308EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/04/23 7:52 p.m.6 views

CVE-2026-41278

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the GET /api/v1/public-chatflows/:id endpoint returns the full chatflow object without sanitization for public chatflows. Docker validation revealed this is worse than initially assessed: the...

8.7CVSS5.8AI score0.00421EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder