Skip to main content

Flowise CVE-2026-56269

| EUVDEUVD-2026-38746 MEDIUM
Use of Hard-coded Credentials (CWE-798)
2026-06-24 VulnCheck
4.3
CVSS 4.0 · Vendor: VulnCheck
Share

Severity by source

Vendor (VulnCheck) PRIMARY
4.3 MEDIUM
CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
7.1 HIGH

Authenticated network users can decrypt JWT metadata using the publicly known default key; JWT signature validation independently limits integrity impact to low.

3.1 AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
4.0 AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (VulnCheck).

CVSS VectorVendor: VulnCheck

CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Local
Attack Complexity
High
Privileges Required
High
User Interaction
A
Scope
X

Lifecycle Timeline

3
Patch available
Jun 24, 2026 - 13:01 EUVD
Source Code Evidence Fetched
Jun 24, 2026 - 12:23 vuln.today
Analysis Generated
Jun 24, 2026 - 12:23 vuln.today

DescriptionCVE.org

Flowise before 3.1.0 (npm package flowise, versions 3.0.13 and earlier) uses a weak hardcoded default value 'Secre$t' for the TOKEN_HASH_SECRET environment variable in packages/server/src/enterprise/utils/tempTokenUtils.ts when the variable is not configured. This secret derives the AES-256-CBC key used to encrypt user IDs and workspace IDs in the 'meta' field of JWT tokens. An attacker who knows the default secret can decrypt this metadata to extract internal user and workspace identifiers, and re-encrypt manipulated values such as altered user or workspace IDs. Because the JWT signature is validated separately, decrypting or tampering with this metadata does not by itself grant access, but the disclosure of internal identifiers and possible metadata manipulation could aid privilege escalation or unauthorized data access.

AnalysisAI

Flowise versions 3.0.13 and earlier silently fall back to a hardcoded AES-256-CBC encryption key derived from the publicly known literal 'Secre$t' when TOKEN_HASH_SECRET is not configured, exposing the user and workspace IDs encoded in the 'meta' field of every JWT token issued by an unconfigured deployment. An authenticated user or network-positioned attacker who obtains any valid JWT can decrypt this metadata using the default key - now disclosed in the GHSA advisory and source code - and re-encrypt manipulated identifiers to probe downstream access controls. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Recon
Authenticate to unconfigured Flowise instance
Delivery
Capture issued JWT token
Exploit
Decrypt 'meta' field using known default key
Install
Extract internal user and workspace UUIDs
C2
Re-encrypt manipulated workspace ID into new meta
Execute
Embed crafted meta into API requests
Impact
Probe tenant access controls for unauthorized data

Vulnerability AssessmentAI

Exploitation The vulnerability is triggered only when the TOKEN_HASH_SECRET environment variable is NOT explicitly configured - the application then silently falls back to the hardcoded 'Secre$t' value. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The provided CVSS 4.0 vector (AV:L/AC:H/PR:H/UI:A, score 4.3) models a highly constrained scenario - local access, high privileges, high complexity, and required user interaction - which appears to reflect the privilege-escalation follow-on path rather than the information-disclosure path accessible to ordinary authenticated users over the network. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker who has created a legitimate account on a Flowise instance where TOKEN_HASH_SECRET was never configured authenticates, captures their issued JWT, and uses the publicly disclosed default key 'Secre$t' (AES-256-CBC via SHA-256 of the secret) to decrypt the 'meta' field, obtaining internal user and workspace UUIDs for their own session and inferring enumerable patterns for other tenants. The attacker then re-encrypts a modified 'meta' field substituting a target workspace ID and embeds it into API requests to probe whether any multi-tenant access control endpoint processes the meta value without independently re-validating tenant membership through the JWT signature. …
Remediation Upgrade the flowise npm package to version 3.1.0 or later, which is the vendor-confirmed fix per the GHSA advisory at https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-m7mq-85xj-9x33. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2024-55591 CRITICAL POC
9.8 Jan 14

FortiOS and FortiProxy contain an authentication bypass via the Node.js websocket module allowing unauthenticated remote

CVE-2014-7205 CRITICAL POC
10.0 Oct 08

Eval injection vulnerability in the internals.batch function in lib/batch.js in the bassmaster plugin before 1.5.2 for t

CVE-2025-59528 CRITICAL POC
10.0 Sep 22

Flowise version 3.0.5 contains a remote code execution vulnerability in the CustomMCP node. The mcpServerConfig paramete

CVE-2017-14849 HIGH POC
7.5 Sep 28

Node.js 8.5.0 before 8.6.0 allows remote attackers to access unintended files, because a change to ".." handling was inc

CVE-2017-5941 CRITICAL POC
9.8 Feb 09

An issue was discovered in the node-serialize package 0.0.4 for Node.js. Rated critical severity (CVSS 9.8), this vulner

CVE-2014-3744 HIGH POC
7.5 Oct 23

Directory traversal vulnerability in the st module before 0.2.5 for Node.js allows remote attackers to read arbitrary fi

CVE-2014-9566 HIGH POC
7.5 Mar 10

Multiple SQL injection vulnerabilities in the Manage Accounts page in the AccountManagement.asmx service in the Solarwin

CVE-2013-4660 MEDIUM POC
6.8 Jun 28

The JS-YAML module before 2.0.5 for Node.js parses input without properly considering the unsafe !!js/function tag, whic

CVE-2015-5688 MEDIUM POC
5.0 Sep 04

Directory traversal vulnerability in lib/app/index.js in Geddy before 13.0.8 for Node.js allows remote attackers to read

CVE-2026-45321 CRITICAL POC
9.6 May 12

Credential-harvesting malware compromised 84 versions of 42 TanStack npm packages on 2026-05-11 via chained GitHub Actio

CVE-2014-7192 CRITICAL POC
10.0 Dec 11

Eval injection vulnerability in index.js in the syntax-error package before 1.1.1 for Node.js 0.10.x, as used in IBM Rat

CVE-2013-4450 MEDIUM POC
5.0 Oct 21

The HTTP server in Node.js 0.10.x before 0.10.21 and 0.8.x before 0.8.26 allows remote attackers to cause a denial of se

Share

CVE-2026-56269 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy