Skip to content
Threat Feed
Subscribe

Tag

Flowiseai

7 briefs RSS
high advisory

FlowiseAI Cross-Workspace Assistant Takeover via Mass Assignment

FlowiseAI is vulnerable to a mass assignment vulnerability in the Assistant controller/service allowing an attacker, authenticated as a member of one workspace, to move an assistant (including configurations, instructions, tools and credentials) to another workspace by overwriting the `workspaceId` and `id` fields in the request body, leading to cross-workspace data takeover and IDOR.

flowise <= 3.1.1 mass-assignment cross-workspace flowiseai
2r
high advisory

FlowiseAI Cross-Workspace Dataset Takeover via Mass Assignment

FlowiseAI is vulnerable to a mass assignment vulnerability via `Object.assign(entity, body)` which allows a client-controlled `workspaceId` to be overwritten on the Dataset entity, leading to cross-workspace data takeover and IDOR.

flowise mass-assignment cross-workspace idor flowiseai
2r 1t
high advisory

FlowiseAI Mass Assignment in Assistant Update Endpoint Allows Cross-Workspace Resource Reassignment

FlowiseAI version 3.1.1 and earlier contains a mass assignment vulnerability in the assistant update endpoint, allowing authenticated users to modify server-controlled properties like workspaceId, createdDate, and updatedDate, enabling cross-workspace reassignment of assistants and breaking tenant isolation in multi-workspace environments.

FlowiseAI mass assignment tenant isolation web application
2r 1t
high advisory

FlowiseAI Chatflow Update Endpoint Mass Assignment Vulnerability

A mass assignment vulnerability exists in FlowiseAI's chatflow update endpoint (CVE-2026-42863), allowing authenticated users to modify server-controlled properties like `deployed`, `isPublic`, and `workspaceId` due to missing server-side validation, leading to cross-workspace resource reassignment and unauthorized modification of deployment and visibility settings.

flowise mass-assignment privilege-escalation cross-workspace flowiseai
2r 2t
medium advisory

FlowiseAI Exposes Basic Auth Credentials via API

FlowiseAI exposes a basic authentication endpoint without rate limiting, allowing attackers to brute-force credentials and gain unauthorized access to the application.

flowise credential-access brute-force flowiseai
2r 1t
critical advisory

FlowiseAI File Upload Validation Bypass Leads to RCE

A file upload validation bypass vulnerability exists in FlowiseAI, where the Chatflow configuration file upload settings can be modified to allow the application/javascript MIME type, enabling an attacker to upload .js files, store malicious Node.js web shells on the server, and potentially achieve Remote Code Execution (RCE).

flowiseai file-upload rce web-shell
2r 2t 1c
critical advisory

FlowiseAI AirtableAgent Remote Code Execution via Prompt Injection

A remote code execution vulnerability exists in FlowiseAI's AirtableAgent.ts due to insufficient input verification when using Pandas, allowing attackers to inject malicious code into the prompt and execute arbitrary code via Pyodide.

flowiseai rce prompt-injection airtable
2r 1t