CVE-2026-58057

Flowise before 3.1.3 is affected: a case-sensitive denylist for Custom MCP stdio environment variables allows bypass on Windows (case-insensitive env names). An authenticated user who can configure a Custom MCP node can inject NODE_OPTIONS --require to execute arbitrary code in the Flowise server...

Exploit for Code Injection in Flowiseai Flowise

CVE-2025-59528.yaml Flowise is a drag & drop user interface to...

CVE-2025-59528 Flowise has Remote Code Execution vulnerability

Flowise is a drag & drop user interface to build a customized large language model flow. In version 3.0.5, Flowise is vulnerable to remote code execution. The CustomMCP node allows users to input configuration settings for connecting to an external MCP server. This node parses the user-provided...

CVE-2025-59528

Flowise 3.0.5 contains a remote code execution vulnerability in the CustomMCP node. The mcpServerConfig string is parsed and passed to the Function() constructor via convertToValidJSONString without validation, allowing an attacker to execute arbitrary JavaScript with Node.js privileges (e.g., ac...

Flowise has Remote Code Execution vulnerability

Description Cause of the Vulnerability The CustomMCP node allows users to input configuration settings for connecting to an external MCP Model Context Protocol server. This node parses the user-provided mcpServerConfig string to build the MCP server configuration. However, during this process, it...

PT-2025-39075

Name of the Vulnerable Software and Affected Versions Flowise versions prior to 3.0.6 Description Flowise is a drag-and-drop user interface for building customized large language model flows. A critical issue exists in the CustomMCP node, which allows users to input configuration settings for...