Flowise

Flowise is vulnerable to arbitrary file write through its WriteFileTool

Flowise Unauthenticated Denial of Service (DoS) vulnerability

Flowise: Sensitive Data Leak in public-chatbotConfig

Flowise: Unauthenticated TTS endpoint accepts arbitrary credential IDs — enables API credit abuse via stored credentials

Flowise: Unauthenticated OAuth 2.0 Access Token Disclosure via Public Chatflow in Flowise

Flowise: Cypher Injection in GraphCypherQAChain

FlowiseAI Pre-Auth Arbitrary Code Execution

FlowiseAI Flowise arbitrary file upload vulnerability

Flowise Allows Mass Assignment in `/api/v1/leads` Endpoint

Flowise Cross-site Scripting in /api/v1/chatflows-streaming/id

Flowise: APIChain Prompt Injection SSRF in GET/POST API Chains

Flowise: Improper Mass Assignment in Account Registration Enables Unauthorized Organization Association

Flowise Cross-site Scripting in /api/v1/public-chatflows/id

Flowise has Authorization Bypass via Spoofed x-request-from Header

Flowise: File Upload Validation Bypass in createAttachment

Flowise: Path Traversal in Vector Store basePath

Flowise vulnerable to RCE via Dynamic function constructor injection

Flowise: SSRF Protection Bypass via Unprotected Built-in HTTP Modules in Custom Function Sandbox

Flowise: Airtable_Agent Code Injection Remote Code Execution Vulnerability

Flowise vulnerable to code injection via api/v1

FlowiseAI/Flosise has File Upload vulnerability

Flowise: CSV Agent Prompt Injection Remote Code Execution Vulnerability

Flowise: Remote code execution vulnerability in AirtableAgent.ts caused by lack of input verification when using `Pandas`.

Flowise: resetPassword Authentication Bypass Vulnerability

Flowise: Mass Assignment in DocumentStore Create Endpoint Leads to Cross-Workspace Object Takeover (IDOR)

Flowise: Weak Default Token Hash Secret

Flowise: Unauthenticated Information Disclosure of OAuth Secrets (Cleartext) via GET Request

Flowise: Code Injection in CSVAgent leads to Authenticated RCE

Flowise: Public chatflow endpoints return unsanitized flowData including plaintext API keys, passwords, and credential IDs

Flowise has Insufficient Password Salt Rounds

Flowise: Parameter Override Bypass Remote Command Execution

Flowise has IDOR leading to Account Takeover and Enterprise Feature Bypass via SSO Configuration

Flowise Path Injection at /api/v1/openai-assistants-file

Flowise is vulnerable to arbitrary file exposure through its ReadFileTool

Flowise has Arbitrary File Upload via MIME Spoofing

FlowiseAI: Dataset create+update mass-assignment allows cross-workspace dataset takeover

FlowiseAI has Mass Assignment in Chatflow Update Endpoint that Allows Cross-Workspace AgentFlow Reassignment

FlowiseAI has Mass Assignment in Variable Update Endpoint that Allows Cross-Workspace Resource Reassignment

FlowiseAI: CustomTemplate create+update mass-assignment allows cross-workspace template takeover

FlowiseAI Vulnerable to Credential Data Leak

FlowiseAI: DatasetRow create+update mass-assignment allows cross-workspace row takeover

FlowiseAI: Authenticated Host RCE via POST /api/v1/node-custom-function and NodeVM Sandbox Escape

Flowise: Authenticated RCE Via MCP Adapters

Flowise Vulnerable to PII Disclosure on Unauthenticated Forgot Password Endpoint

Flowise and Flowise Chat Embed vulnerable to Stored Cross-site Scripting

Flowise has an MCP Security Bypass that Enables RCE

Flowise: Password Reset Link Sent Over Unsecured HTTP

FlowiseAI Exposes Basic Auth Credentials via API

Flowise: SSRF Protection Bypass via Direct node-fetch / axios Usage (Patch Enforcement Failure)

Flowise: SSRF Protection Bypass (TOCTOU & Default Insecure)

Flowise: Weak Default Express Session Secret

Flowise Cross-site Scripting in api/v1/chatflows/id

FlowiseAI: Evaluator create+update mass-assignment allows cross-workspace evaluator takeover

Flowise Cors Misconfiguration in packages/server/src/index.ts

Flowise: Weak Default JWT Secrets

Flowise affected by Server-Side Request Forgery (SSRF) in HTTP Node Leading to Internal Network Access

Flowise Vulnerable to SQL Injection via `tableName` Parameter

Flowise: Authenticated Command Execution and Sandbox Bypass via Puppeteer and Playwright Packages

Flowise Cross-site Scripting in/api/v1/credentials/id

Flowise Missing Authentication on NVIDIA NIM Endpoints

FlowiseAI: Vector Store No Permission Checks

FlowiseAI has Mass Assignment in Assistant Update Endpoint that Allows Cross-Workspace Resource Reassignment

FlowiseAI: Evaluation create+update mass-assignment allows cross-workspace evaluation takeover

Flowise Stored XSS vulnerability through logs in chatbot

FlowiseAI has Mass Assignment in Tool Update Endpoint that Allows Cross-Workspace Resource Reassignment

Flowise is vulnerable to stored XSS via "View Messages" allows credential theft in FlowiseAI admin panel

FlowiseAI: Assistant create+update mass-assignment allows cross-workspace assistant takeover

Flowise: Cross-Workspace Chatflow Disclosure via chatflows/apikey Endpoint Returns All Unprotected Chatflows

Flowise: Mass Assignment in PUT /api/v1/user Allows Authenticated Users to Override Password Hash and Bypass Password Change Verification

Flowise: Hardcoded CORS wildcard on TTS endpoint enables cross-origin credential abuse from any webpage

Flowise: Bcrypt Password Hash Exposure

Flowise Execute Flow function has an SSRF vulnerability