
7 matches found

Cvelist
added 2026/03/07 5:10 a.m., 24 views

CVE-2026-30823 Flowise: IDOR leading to Account Takeover and Enterprise Feature Bypass via SSO Configuration

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.0.13, there is an IDOR vulnerability, leading to account takeover and enterprise feature bypass via SSO configuration. This issue has been patched in version 3.0.13...

CVSS 8.8, EPSS 0.00033
Exploits: 1, References: 2
CNNVD
added 2026/03/07 12:0 a.m., 2 views

Flowise Security Vulnerability

Flowise is an open-source tool developed by FlowiseAI, designed for easily building LLM applications. Versions of Flowise prior to 3.0.13 contained security vulnerabilities, which were caused by insecure direct object references. These vulnerabilities could lead to account takeover and bypassing...

CVSS 8.8, AI score 7.3, EPSS 0.00033
Exploits: 1, References: 2
OSV
added 2026/03/06 10:20 p.m., 3 views

GHSA-CWC3-P92J-G7QM Flowise has IDOR leading to Account Takeover and Enterprise Feature Bypass via SSO Configuration

Summary: The Flowise platform has a critical Insecure Direct Object Reference (IDOR) vulnerability combined with a Business Logic Flaw in the PUT /api/v1/loginmethod endpoint. While the endpoint requires authentication, it fails to validate if the authenticated user has ownership or administrative...

CVSS 8.8, AI score 5.8, EPSS 0.00033
Exploits: 1, References: 4
Positive Technologies
added 2026/03/06 12:0 a.m., 3 views

PT-2026-23789

Name of the Vulnerable Software and Affected Versions: Flowise versions prior to 3.0.13. Description: Flowise is a drag & drop user interface to build customized large language model flows. A critical Insecure Direct Object Reference (IDOR) vulnerability, combined with a Business Logic Flaw, exists in...

CVSS 8.8, AI score 7.3, EPSS 0.00033
Exploits: 1, References: 4
vulnersOsv
added 2021/12/18 6:0 p.m., 0 views

com.savoirtech.aetos:aetos (>=4.2.0.1 <=4.2.1), org.apache.karaf.examples:karaf-docker-example-dynamic-dist (=4.2.13) +13 more potentially affected by CVE-2021-45105 via org.ops4j.pax.logging:pax-logging-log4j2 (>=1.11.10 <=1.11.11)

org.ops4j.pax.logging:pax-logging-log4j2 MAVEN version =1.11.10, =4.2.0.1, =1.11.10, =1.11.10, =1.11.10, =1.11.11 Source cves: CVE-2021-45105 Source advisory: OSV:GHSA-P6XC-XR62-6R2G...

CVSS 5.9, AI score 7, EPSS 0.74016
Exploits: 20
ThreatPost
added 2016/03/07 4:6 p.m., 11 views

Amazon Backtracks On Encryption Removal

Amazon reversed course on its unpopular decision to remove encryption from its Fire OS 5 tablets. Over the weekend, Amazon said, customers’ device-level encryption support will return this spring. The move comes after Amazon customers and privacy activists expressed outrage over the company’s...

AI score 6.3
Exploits: 0, References: 2
Microsoft Security Update
added 1970/01/01 12:0 a.m., 9 views

Windows Server 2003, Datacenter Edition

Windows Server 2003, Datacenter Edition...

AI score 2.1
Exploits: 0