
    4 vulnerabilities by Flowise

    CVE-2026-56276 (GCVE-0-2026-56276)

    Vulnerability from cvelistv5 – Published: 2026-06-20 15:24 – Updated: 2026-06-20 15:24
    VLAI
    Title
    Flowise - Mass Assignment in PUT /api/v1/user Allows Password Hash Override
    Summary
    Flowise before 3.1.2 contains a mass assignment vulnerability in the PUT /api/v1/user endpoint that allows authenticated users to directly modify the credential field without validation. Attackers can bypass password change verification and session invalidation by supplying a crafted password hash, establishing persistent account access after temporary session compromise.
    CWE
    • CWE-915 - Improperly Controlled Modification of Dynamically-Determined Object Attributes
    Assigner
    References
    Impacted products
    Vendor: Flowise
    Product: Flowise
    Affected: from 0 up to, but not including, 3.1.2 (semver)
    Unaffected: 3.1.2 (semver)
    Date Public
    2026-05-14 00:00
    Credits
    berkdedekarginoglu

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "packageURL": "pkg:npm/flowise",
              "product": "Flowise",
              "vendor": "Flowise",
              "versions": [
                {
                  "lessThan": "3.1.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "3.1.2",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:flowiseai:flowise:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "3.1.2",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "berkdedekarginoglu"
            }
          ],
          "datePublic": "2026-05-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Flowise before 3.1.2 contains a mass assignment vulnerability in the PUT /api/v1/user endpoint that allows authenticated users to directly modify the credential field without validation. Attackers can bypass password change verification and session invalidation by supplying a crafted password hash, establishing persistent account access after temporary session compromise."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "HIGH",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 6,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "LOW",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "HIGH"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-915",
                  "description": "Improperly Controlled Modification of Dynamically-Determined Object Attributes",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-20T15:24:44.035Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "name": "GHSA Advisory GHSA-59fh-9f3p-7m39",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-59fh-9f3p-7m39"
            },
            {
              "name": "VulnCheck Advisory: Flowise - Mass Assignment in PUT /api/v1/user Allows Password Hash Override",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/flowise-mass-assignment-in-put-api-v1-user-allows-password-hash-override"
            }
          ],
          "title": "Flowise - Mass Assignment in PUT /api/v1/user Allows Password Hash Override",
          "x_generator": {
            "engine": "vulncheck"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2026-56276",
        "datePublished": "2026-06-20T15:24:44.035Z",
        "dateReserved": "2026-06-20T01:47:54.001Z",
        "dateUpdated": "2026-06-20T15:24:44.035Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-56267 (GCVE-0-2026-56267)

    Vulnerability from cvelistv5 – Published: 2026-06-20 15:24 – Updated: 2026-06-20 15:24
    VLAI
    Title
    Flowise - PII Disclosure via Unauthenticated Forgot Password Endpoint
    Summary
    Flowise before 3.0.13 contains an information exposure vulnerability in the POST /api/v1/account/forgot-password endpoint that returns full user objects including PII to unauthenticated attackers. An attacker can enumerate valid email addresses and harvest sensitive user data including user IDs, names, account status, and timestamps by sending requests with known email addresses.
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    References
    Impacted products
    Vendor: Flowise
    Product: Flowise
    Affected: from 0 up to, but not including, 3.0.13 (semver)
    Unaffected: 3.0.13 (semver)
    Date Public
    2026-03-05 00:00
    Credits
    tenbbughunters

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "packageURL": "pkg:npm/flowise",
              "product": "Flowise",
              "vendor": "Flowise",
              "versions": [
                {
                  "lessThan": "3.0.13",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "3.0.13",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:flowiseai:flowise:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "3.0.13",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "tenbbughunters"
            }
          ],
          "datePublic": "2026-03-05T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Flowise before 3.0.13 contains an information exposure vulnerability in the POST /api/v1/account/forgot-password endpoint that returns full user objects including PII to unauthenticated attackers. An attacker can enumerate valid email addresses and harvest sensitive user data including user IDs, names, account status, and timestamps by sending requests with known email addresses."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:H/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "NONE"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-20T15:24:43.347Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "name": "GHSA Advisory GHSA-jc5m-wrp2-qq38",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-jc5m-wrp2-qq38"
            },
            {
              "name": "VulnCheck Advisory: Flowise - PII Disclosure via Unauthenticated Forgot Password Endpoint",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/flowise-pii-disclosure-via-unauthenticated-forgot-password-endpoint"
            }
          ],
          "title": "Flowise - PII Disclosure via Unauthenticated Forgot Password Endpoint",
          "x_generator": {
            "engine": "vulncheck"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2026-56267",
        "datePublished": "2026-06-20T15:24:43.347Z",
        "dateReserved": "2026-06-20T01:47:54.000Z",
        "dateUpdated": "2026-06-20T15:24:43.347Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-71331 (GCVE-0-2025-71331)

    Vulnerability from cvelistv5 – Published: 2026-06-20 15:24 – Updated: 2026-06-20 15:24
    VLAI
    Title
    Flowise - Cross-Site Scripting in Chat Messages and Agent Workflows
    Summary
    Flowise before 3.0.8 contains a cross-site scripting (XSS) vulnerability caused by insufficient input filtering in chat messages and custom agent functions. An attacker can inject malicious JavaScript by sending an iframe payload (e.g., <iframe src="javascript:alert(document.cookie)">) in a chat box, or by having a custom agent function return an XSS payload from an external website. The injected script executes in the victim's browser, enabling theft of cookies and session data.
    CWE
    • CWE-80 - Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
    Assigner
    References
    Impacted products
    Vendor: Flowise
    Product: Flowise
    Affected: from 0 up to, but not including, 3.0.8 (semver)
    Unaffected: 3.0.8 (semver)
    Date Public
    2025-10-03 00:00
    Credits
    quitbug

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "packageURL": "pkg:npm/flowise",
              "product": "Flowise",
              "vendor": "Flowise",
              "versions": [
                {
                  "lessThan": "3.0.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "3.0.8",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:flowiseai:flowise:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "3.0.8",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "quitbug"
            }
          ],
          "datePublic": "2025-10-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Flowise before 3.0.8 contains a cross-site scripting (XSS) vulnerability caused by insufficient input filtering in chat messages and custom agent functions. An attacker can inject malicious JavaScript by sending an iframe payload (e.g., \u003ciframe src=\"javascript:alert(document.cookie)\"\u003e) in a chat box, or by having a custom agent function return an XSS payload from an external website. The injected script executes in the victim\u0027s browser, enabling theft of cookies and session data."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 5.1,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "LOW",
                "userInteraction": "ACTIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS"
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-80",
                  "description": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-20T15:24:39.877Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "name": "GHSA Advisory GHSA-4fr9-3x69-36wv",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-4fr9-3x69-36wv"
            },
            {
              "name": "VulnCheck Advisory: Flowise - Cross-Site Scripting in Chat Messages and Agent Workflows",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/flowise-cross-site-scripting-in-chat-messages-and-agent-workflows"
            }
          ],
          "title": "Flowise - Cross-Site Scripting in Chat Messages and Agent Workflows",
          "x_generator": {
            "engine": "vulncheck"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2025-71331",
        "datePublished": "2026-06-20T15:24:39.877Z",
        "dateReserved": "2026-06-19T12:57:55.856Z",
        "dateUpdated": "2026-06-20T15:24:39.877Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-58351 (GCVE-0-2024-58351)

    Vulnerability from cvelistv5 – Published: 2026-06-20 15:21 – Updated: 2026-06-20 15:21
    VLAI
    Title
    Flowise - Remote Code Execution via overrideConfig Parameter
    Summary
    Flowise before 2.1.4 allows configuration to be injected into the Chainflow during execution via the overrideConfig option, supported in both the frontend web integration and the backend Prediction API. Because this feature is enabled by default with no allow-list of permitted variables and relies on vm2 for sandboxing, an attacker can abuse it to achieve remote code execution and sandbox escape, denial of service by crashing the server, server-side request forgery, prompt injection, and server variable and data exfiltration. These issues are self-targeted and do not persist to other users.
    CWE
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    Assigner
    References
    Impacted products
    Vendor: Flowise
    Product: Flowise
    Affected: from 0 up to, but not including, 2.1.4 (semver)
    Unaffected: 2.1.4 (semver)
    Date Public
    2024-11-21 00:00
    Credits
    ryanhalliday

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "packageURL": "pkg:npm/flowise",
              "product": "Flowise",
              "vendor": "Flowise",
              "versions": [
                {
                  "lessThan": "2.1.4",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "2.1.4",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:flowiseai:flowise:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "2.1.4",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "ryanhalliday"
            }
          ],
          "datePublic": "2024-11-21T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Flowise before 2.1.4 allows configuration to be injected into the Chainflow during execution via the overrideConfig option, supported in both the frontend web integration and the backend Prediction API. Because this feature is enabled by default with no allow-list of permitted variables and relies on vm2 for sandboxing, an attacker can abuse it to achieve remote code execution and sandbox escape, denial of service by crashing the server, server-side request forgery, prompt injection, and server variable and data exfiltration. These issues are self-targeted and do not persist to other users."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS"
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-94",
                  "description": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-20T15:21:55.759Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "name": "GHSA Advisory GHSA-5cph-wvm9-45gj",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-5cph-wvm9-45gj"
            },
            {
              "name": "VulnCheck Advisory: Flowise - Remote Code Execution via overrideConfig Parameter",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/flowise-remote-code-execution-via-overrideconfig-parameter"
            }
          ],
          "title": "Flowise - Remote Code Execution via overrideConfig Parameter",
          "x_generator": {
            "engine": "vulncheck"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2024-58351",
        "datePublished": "2026-06-20T15:21:55.759Z",
        "dateReserved": "2026-06-08T15:20:35.496Z",
        "dateUpdated": "2026-06-20T15:21:55.759Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }