Flowise

This hub aggregates every CVE we track for Flowise, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Flowise.

• CVE-2026-56268Flowise - Cross-Workspace Information Disclosure via chatflows/apikey Endpoint7.7Jun 22, 2026
• CVE-2026-12821FlowiseAI Flowise S3 Document Loader S3.ts path traversal6.3Jun 21, 2026
• CVE-2025-71331Flowise - Cross-Site Scripting in Chat Messages and Agent Workflows6.1Jun 20, 2026
• CVE-2024-58351Flowise - Remote Code Execution via overrideConfig Parameter9.8Jun 20, 2026
• CVE-2026-46480Flowise: Evaluator create+update mass-assignment allows cross-workspace evaluator takeover8.8Jun 8, 2026
• CVE-2026-46479Flowise: Evaluation create+update mass-assignment allows cross-workspace evaluation takeover8.8Jun 8, 2026
• CVE-2026-46478Flowise: DatasetRow create+update mass-assignment allows cross-workspace row takeover8.8Jun 8, 2026
• CVE-2026-46477Flowise: Dataset create+update mass-assignment allows cross-workspace dataset takeover8.8Jun 8, 2026
• CVE-2026-46476Flowise: CustomTemplate create+update mass-assignment allows cross-workspace template takeover8.8Jun 8, 2026
• CVE-2026-46475Flowise: Assistant create+update mass-assignment allows cross-workspace assistant takeover8.8Jun 8, 2026
• CVE-2026-46443Flowise: Credential Data Leak6.5Jun 8, 2026
• CVE-2026-46442Flowise: Authenticated Host RCE via POST /api/v1/node-custom-function and NodeVM Sandbox Escape9.9Jun 8, 2026
• CVE-2026-46441Flowise: Mass Assignment in Assistant Update Endpoint Allows Cross-Workspace Resource Reassignment9.6Jun 8, 2026
• CVE-2026-46440Flowise: Basic Auth Credentials Exposed via API9.1Jun 8, 2026
• CVE-2026-42863Flowise: Mass Assignment in Chatflow Update Endpoint Allows Cross-Workspace AgentFlow Reassignment8.1Jun 8, 2026