-
-
Notifications
You must be signed in to change notification settings - Fork 22.8k
Security: FlowiseAI/Flowise
Security Navigation
Security Advisories
View known security vulnerabilities and report new vulnerabilities privately to maintainers.
-
WriteFileTool arbitrary file write vulnerabilityGHSA-jv9m-vf54-chjj published
Oct 8, 2025 by HenryHengZJCritical -
ReadFileTool arbitrary file read vulnerabilityGHSA-j44m-5v8f-gc9c published
Oct 8, 2025 by HenryHengZJHigh -
Critical: Unauthenticated Password Reset Token Disclosure Leading to Account Takeover in Flowise Cloud and Local DeploymentsGHSA-wgpv-6j63-x5ph published
Sep 12, 2025 by HenryHengZJCritical -
SSRF in FlowiseAI/FlosiseGHSA-hr92-4q35-4j3m published
Sep 13, 2025 by HenryHengZJHigh -
RCE in FlowiseAI/FlowiseGHSA-3gcm-f6qx-ff7p published
Sep 13, 2025 by HenryHengZJCritical -
File Upload in FlowiseAI/FlosiseGHSA-35g6-rrw3-v6xc published
Oct 6, 2025 by HenryHengZJHigh -
Arbitrary File ReadGHSA-99pg-hqvx-r4gf published
Sep 13, 2025 by HenryHengZJCritical -
Critical Multi-Tenant Variable Disclosure in Flowise Cloud via Custom JavaScript FunctionGHSA-435c-mg9p-fv22 published
Sep 12, 2025 by HenryHengZJCritical -
FlowiseAI Pre-Auth Arbitrary Code ExecutionGHSA-7944-7c6r-55vv published
Sep 13, 2025 by HenryHengZJCritical -
XSS vulnerability in FlowiseGHSA-4fr9-3x69-36wv published
Oct 3, 2025 by HenryHengZJCritical