38 matches found
CVE-2026-42862 Flowise: Mass Assignment in Tool Update Endpoint Allows Cross-Workspace Resource Reassignment
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, a mass assignment vulnerability exists in the tool update endpoint of FlowiseAI. The endpoint allows authenticated users to modify server-controlled properties such as workspaceId,...
CVE-2026-42862
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, a mass assignment vulnerability exists in the tool update endpoint of FlowiseAI. The endpoint allows authenticated users to modify server-controlled properties such as workspaceId,...
CVE-2026-42862 Flowise: Mass Assignment in Tool Update Endpoint Allows Cross-Workspace Resource Reassignment
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, a mass assignment vulnerability exists in the tool update endpoint of FlowiseAI. The endpoint allows authenticated users to modify server-controlled properties such as workspaceId,...
CVE-2026-42861 Flowise: Mass Assignment in Variable Update Endpoint Allows Cross-Workspace Resource Reassignment
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, a mass assignment vulnerability exists in the variable update endpoint of FlowiseAI. The endpoint allows authenticated users to modify server-controlled properties such as workspaceId,...
PraisonAI Platform workspace-scoped routes allow cross-workspace object access by global object ID
Summary PraisonAI Platform's workspace-scoped REST routes contain a systemic object-level authorization flaw that allows an authenticated user from one workspace to access, modify, and delete objects belonging to another workspace by supplying the victim object's global UUID. The affected pattern...
GHSA-6H6V-6M7W-7VXX PraisonAI Platform workspace-scoped routes allow cross-workspace object access by global object ID
Summary PraisonAI Platform's workspace-scoped REST routes contain a systemic object-level authorization flaw that allows an authenticated user from one workspace to access, modify, and delete objects belonging to another workspace by supplying the victim object's global UUID. The affected pattern...
PraisonAI has Cross-Workspace IDOR and Privilege Escalation via Platform API
Summary The PraisonAI Platform API has two authorization failures that together break workspace isolation. The service layer for issues and projects performs global primary-key lookups without checking workspace ownership, so any authenticated user can read, modify, and delete resources in any...
PT-2026-45068
Summary The PraisonAI Platform API has two authorization failures that together break workspace isolation. The service layer for issues and projects performs global primary-key lookups without checking workspace ownership, so any authenticated user can read, modify, and delete resources in any...
PT-2026-45058
Summary PraisonAI Platform's workspace-scoped REST routes contain a systemic object-level authorization flaw that allows an authenticated user from one workspace to access, modify, and delete objects belonging to another workspace by supplying the victim object's global UUID. The affected pattern...
FlowiseAI: Evaluator create+update mass-assignment allows cross-workspace evaluator takeover
Summary Type: Mass assignment via Object.assignentity, body - client-controlled workspaceId and on create, id overwritten on the Evaluator entity - cross-workspace data takeover and IDOR. File: packages/server/src/Interface.Evaluation.ts Root cause: The Evaluator controller/service constructs a n...
Improperly Controlled Modification of Dynamically-Determined Object Attributes
Overview flowise is a Flowiseai Server Affected versions of this package are vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes in the Object.assign process. An attacker can gain unauthorized access to and control over evaluation data across different...
FlowiseAI: Evaluation create+update mass-assignment allows cross-workspace evaluation takeover
Summary Type: Mass assignment via Object.assignentity, body - client-controlled workspaceId and on create, id overwritten on the Evaluation entity - cross-workspace data takeover and IDOR. File: packages/server/src/services/evaluations/index.ts Root cause: The Evaluation controller/service...
GHSA-MQ53-PC65-WJC4 FlowiseAI: Evaluation create+update mass-assignment allows cross-workspace evaluation takeover
Summary Type: Mass assignment via Object.assignentity, body - client-controlled workspaceId and on create, id overwritten on the Evaluation entity - cross-workspace data takeover and IDOR. File: packages/server/src/services/evaluations/index.ts Root cause: The Evaluation controller/service...
Improperly Controlled Modification of Dynamically-Determined Object Attributes
Overview flowise is a Flowiseai Server Affected versions of this package are vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes in the Object.assign process. An attacker can gain unauthorized access to and control over data across different workspaces by...
GHSA-5H9V-837X-M97R FlowiseAI: Dataset create+update mass-assignment allows cross-workspace dataset takeover
Summary Type: Mass assignment via Object.assignentity, body - client-controlled workspaceId and on create, id overwritten on the Dataset entity - cross-workspace data takeover and IDOR. File: packages/server/src/services/dataset/index.ts Root cause: The Dataset controller/service constructs a new...
FlowiseAI: CustomTemplate create+update mass-assignment allows cross-workspace template takeover
Summary Type: Mass assignment via Object.assignentity, body - client-controlled workspaceId and on create, id overwritten on the CustomTemplate entity - cross-workspace data takeover and IDOR. File: packages/server/src/services/marketplaces/index.ts Root cause: The CustomTemplate controller/servi...
GHSA-728H-4MWJ-F2P4 FlowiseAI: CustomTemplate create+update mass-assignment allows cross-workspace template takeover
Summary Type: Mass assignment via Object.assignentity, body - client-controlled workspaceId and on create, id overwritten on the CustomTemplate entity - cross-workspace data takeover and IDOR. File: packages/server/src/services/marketplaces/index.ts Root cause: The CustomTemplate controller/servi...
GHSA-78PR-C5X5-JGGC FlowiseAI: Assistant create+update mass-assignment allows cross-workspace assistant takeover
Summary Type: Mass assignment via Object.assignentity, body - client-controlled workspaceId and on create, id overwritten on the Assistant entity - cross-workspace data takeover and IDOR. File: packages/server/src/services/assistants/index.ts Root cause: The Assistant controller/service construct...
FlowiseAI: Assistant create+update mass-assignment allows cross-workspace assistant takeover
Summary Type: Mass assignment via Object.assignentity, body - client-controlled workspaceId and on create, id overwritten on the Assistant entity - cross-workspace data takeover and IDOR. File: packages/server/src/services/assistants/index.ts Root cause: The Assistant controller/service construct...
PT-2026-41212
Name of the Vulnerable Software and Affected Versions Flowise versions prior to 3.1.2 Description A mass assignment issue exists in the dataset create and update processes. The application uses Object.assign to copy the request body into a Dataset entity without an explicit field allowlist,...