Skip to main content

Flowise CVE-2026-46440

| EUVDEUVD-2026-35107 CRITICAL
Insufficiently Protected Credentials (CWE-522)
2026-06-08 GitHub_M GHSA-php6-83fg-gw3g
9.1
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
9.1 CRITICAL
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
vuln.today AI
7.4 HIGH

Network-reachable and unauthenticated to attempt, but successful compromise depends on guessing an operator-set password, raising AC to High; no availability impact on the auth endpoint itself.

3.1 AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
4.0 AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
None

Lifecycle Timeline

8
Analysis Updated
Jun 11, 2026 - 04:13 vuln.today
v3 (cvss_changed)
Analysis Updated
Jun 11, 2026 - 04:13 vuln.today
v2 (cvss_changed)
Re-analysis Queued
Jun 11, 2026 - 04:07 vuln.today
cvss_changed
Severity Changed
Jun 11, 2026 - 04:07 NVD
HIGH CRITICAL
CVSS changed
Jun 11, 2026 - 04:07 NVD
7.5 (HIGH) 9.1 (CRITICAL)
Patch available
Jun 08, 2026 - 17:01 EUVD
Source Code Evidence Fetched
Jun 08, 2026 - 16:18 vuln.today
Analysis Generated
Jun 08, 2026 - 16:18 vuln.today

DescriptionNVD

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, the checkBasicAuth endpoint validates credentials in plaintext without rate limiting and with direct comparison. This issue has been patched in version 3.1.2.

AnalysisAI

Credential brute-force exposure in Flowise prior to 3.1.2 allows remote unauthenticated attackers to perform unlimited password-guessing attacks against the checkBasicAuth endpoint, which lacks rate limiting and uses non-constant-time plaintext comparison against the FLOWISE_USERNAME and FLOWISE_PASSWORD environment variables. Successful exploitation grants full access to the Flowise LLM workflow builder. No public exploit identified at time of analysis, though the GHSA advisory documents the vulnerable code path in detail and EPSS sits at a low 0.04%.

Technical ContextAI

Flowise is a Node.js/TypeScript application providing a drag-and-drop interface for building LLM workflows. The flaw lives in packages/server/src/enterprise/controllers/account.controller.ts at lines 128-135, where the checkBasicAuth controller reads username and password from the JSON request body and compares them with the JavaScript === operator against process.env.FLOWISE_USERNAME and process.env.FLOWISE_PASSWORD. This maps to CWE-522 (Insufficiently Protected Credentials) because the RateLimiterManager is scoped to chatflow endpoints and never wraps the auth route, the strict-equality comparison is not constant-time (enabling timing side-channels), and divergent success/failure response messages permit username enumeration. The affected CPE is cpe:2.3:a:flowiseai:flowise covering all releases up to and including 3.1.1.

RemediationAI

Vendor-released patch: upgrade Flowise to 3.1.2 or later, available at https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.1.2, which is bundled with several other security fixes including CORS hardening on the TTS endpoint and IDOR fixes in /api/v1/user. If immediate upgrade is not possible, place the checkBasicAuth endpoint (and the broader Flowise UI) behind a reverse proxy or WAF that enforces strict per-IP rate limits and IP allowlisting - accepting the trade-off that legitimate operator logins from new IPs may be blocked - and rotate FLOWISE_USERNAME/FLOWISE_PASSWORD to long, high-entropy values to make brute-force computationally infeasible. Additionally restrict network exposure of the Flowise instance to trusted management networks or a VPN, recognizing this disrupts any intended internet-facing usage, and enable application-level access logging to detect enumeration attempts. Full advisory details are available at https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-php6-83fg-gw3g.

CVE-2025-59528 CRITICAL POC
10.0 Sep 22

Flowise version 3.0.5 contains a remote code execution vulnerability in the CustomMCP node. The mcpServerConfig paramete

CVE-2025-8943 CRITICAL POC
9.8 Aug 14

Flowise versions before 3.0.1 allow unauthenticated access to the Custom MCPs feature, which is designed to execute OS c

CVE-2025-26319 CRITICAL POC
9.8 Mar 04

FlowiseAI Flowise version 2.2.6 contains an arbitrary file upload vulnerability in the /api/v1/attachments endpoint. Una

CVE-2025-58434 CRITICAL POC
9.8 Sep 12

Flowise is a drag & drop user interface to build a customized large language model flow. Rated critical severity (CVSS 9

CVE-2026-30821 CRITICAL POC
9.8 Mar 07

Unrestricted file upload in Flowise LLM workflow builder before 3.0.13 via /api/v1/attachments endpoint allows unauthent

CVE-2026-30824 CRITICAL POC
9.8 Mar 07

Missing authentication on NVD data endpoint in Flowise before 3.0.13 allows unauthenticated access to internal vulnerabi

CVE-2026-56274 HIGH POC
8.7 Jun 23

Remote code execution in Flowise before 3.1.2 allows any authenticated user (or API caller with chatflow view/update per

CVE-2026-30820 HIGH POC
8.8 Mar 07

Privilege escalation in Flowise versions prior to 3.0.13 allows authenticated users to bypass API authorization by spoof

CVE-2026-30823 HIGH POC
8.8 Mar 07

Flowise versions up to 3.0.13 is affected by authorization bypass through user-controlled key (CVSS 8.8).

CVE-2025-34267 HIGH POC
8.4 Oct 14

Authenticated remote code execution in FlowiseAI Flowise (v3.0.1 up to but not including 3.0.8, and later versions when

CVE-2024-8181 HIGH POC
8.1 Aug 27

An Authentication Bypass vulnerability exists in Flowise version 1.8.2. Rated high severity (CVSS 8.1), this vulnerabili

CVE-2026-30822 HIGH POC
7.7 Mar 07

Flowise versions up to 3.0.13 is affected by improperly controlled modification of dynamically-determined object attribu

Share

CVE-2026-46440 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy