3 matches found
CVE-2026-30824
Flowise prior to 3.0.13 has a missing-auth issue on the NVIDIA NIM endpoints under /api/v1/nvidia-nim/* due to whitelisting in the global authentication middleware. This allows unauthenticated access to privileged functionality such as token generation and container management, enabling an attack...
GHSA-5F53-522J-J454 Flowise Missing Authentication on NVIDIA NIM Endpoints
Missing Authentication on NVIDIA NIM Endpoints Summary The NVIDIA NIM router /api/v1/nvidia-nim/ is whitelisted in the global authentication middleware, allowing unauthenticated access to privileged container management and token generation endpoints. Vulnerability Details | Field | Value |...
Flowise Missing Authentication on NVIDIA NIM Endpoints
Missing Authentication on NVIDIA NIM Endpoints Summary The NVIDIA NIM router /api/v1/nvidia-nim/ is whitelisted in the global authentication middleware, allowing unauthenticated access to privileged container management and token generation endpoints. Vulnerability Details | Field | Value |...