Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

npm

flowise

npm

Flowiseai Server

View on npmjs.org

Security Advisories for flowise in npm

High
1 day ago

Flowise has Authentication Bypass Using Unprotected Registration Endpoint (/register) GSA_kwCzR0hTQS12NXc5LXByeGYtdzg4Ms4ABOm_

npm flowise
High
4 days ago

Flowise Fails to Invalidate Existing Sessions After Password Changes GSA_kwCzR0hTQS14N3JwLXFqMmgtZ2hnd84ABOju

npm flowise
High
about 1 month ago

Flowise: Authenticated Command Execution and Sandbox Bypass via Puppeteer and Playwright Packages GSA_kwCzR0hTQS1yNGhoLXBjZ3gtajVyMs4ABNaj

npm flowise
High
about 1 month ago

Flowise is vulnerable to arbitrary file exposure through its ReadFileTool GSA_kwCzR0hTQS1qNDRtLTV2OGYtZ2M5Y84ABNQ-

npm flowise-components, flowise
Critical
about 1 month ago

Flowise is vulnerable to arbitrary file write through its WriteFileTool GSA_kwCzR0hTQS1qdjltLXZmNTQtY2hqas4ABNKD

npm flowise-components, flowise
High
about 1 month ago

FlowiseAI/Flosise has File Upload vulnerability GSA_kwCzR0hTQS0zNWc2LXJydzMtdjZ4Y84ABNIu

npm flowise
Critical
about 1 month ago

Flowise vulnerable to RCE via Dynamic function constructor injection GSA_kwCzR0hTQS1obWdoLTQ2NmotZng0Y84ABM_s

npm flowise
Moderate
about 2 months ago

Flowise Stored XSS vulnerability through logs in chatbot GSA_kwCzR0hTQS03cjRoLXZtajktd2c0Ms4ABM7h

npm flowise
Critical
about 2 months ago

Flowise is vulnerable to stored XSS via "View Messages" allows credential theft in FlowiseAI admin panel GSA_kwCzR0hTQS05NjRwLWo0Z2ctbWh3Y84ABM7g

npm flowise
Moderate
about 2 months ago

Flowise vulnerable to XSS GSA_kwCzR0hTQS00ZnI5LTN4NjktMzZ3ds4ABM6z

npm flowise
High
2 months ago

Flowise has unsandboxed remote code execution via Custom MCP GSA_kwCzR0hTQS02OTMzLWpweDUtcTg3cc4ABMIl

npm flowise
Critical
2 months ago

Flowise has arbitrary file access due to missing chat flow id validation GSA_kwCzR0hTQS1xNjdxLTU0OXEtcDg0Oc4ABMIk

npm flowise
Critical
2 months ago

Flowise has an Arbitrary File Read GSA_kwCzR0hTQS05OXBnLWhxdngtcjRnZs4ABMIj

npm flowise
Critical
2 months ago

Flowise has Remote Code Execution vulnerability GSA_kwCzR0hTQS0zZ2NtLWY2cXgtZmY3cM4ABMIi

npm flowise
High
2 months ago

FlowiseAI/Flowise has Server-Side Request Forgery (SSRF) vulnerability GSA_kwCzR0hTQS1ocjkyLTRxMzUtNGozbc4ABMIh

npm flowise
Critical
2 months ago

FlowiseAI Pre-Auth Arbitrary Code Execution GSA_kwCzR0hTQS03OTQ0LTdjNnItNTV2ds4ABMIg

npm flowise
Critical
2 months ago

Flowise Cloud and Local Deployments have Unauthenticated Password Reset Token Disclosure that Leads to Account Takeover GSA_kwCzR0hTQS13Z3B2LTZqNjMteDVwaM4ABMB8

npm flowise
Critical
3 months ago

Flowise OS command remote code execution GSA_kwCzR0hTQS0ydnYyLTN4OHgtNGd2N84ABLD2

npm flowise
Moderate
8 months ago

FlowiseDB vulnerable to SQL Injection by authenticated users GSA_kwCzR0hTQS05YzRjLWc5NW0tYzhjcM4ABGhA

npm flowise
Critical
8 months ago

Flowise allows arbitrary file write to RCE GSA_kwCzR0hTQS04dnZ4LXF2cTktNTk0OM4ABFfO

npm flowise
Critical
8 months ago

Flowise Pre-auth Arbitrary File Upload GSA_kwCzR0hTQS1oNDJ4LXh4MnEtNnY2Z84ABFbt

npm flowise
High
9 months ago

FlowiseAI Flowise arbitrary file upload vulnerability GSA_kwCzR0hTQS02OWpxLXFyN3ctajdxaM4ABFFr

npm flowise
High
12 months ago

Flowise OverrideConfig security vulnerability GSA_kwCzR0hTQS01Y3BoLXd2bTktNDVnas4ABBnC

npm flowise
Moderate
about 1 year ago

Flowise and Flowise Chat Embed vulnerable to Stored Cross-site Scripting GSA_kwCzR0hTQS1tNXA5LXh2eGotNjRjOM4AA_wR

npm flowise, flowise-embed
High
about 1 year ago

Flowise Unauthenticated Denial of Service (DoS) vulnerability GSA_kwCzR0hTQS00OHg0LW14OGYtZ3I0aM4AA--P

npm flowise
High
about 1 year ago

Flowise Authentication Bypass vulnerability GSA_kwCzR0hTQS0ycTR3LXg4aDItMmZ2aM4AA--Q

npm flowise
Moderate
over 1 year ago

Flowise Cross-site Scripting in /api/v1/public-chatflows/id GSA_kwCzR0hTQS1mY2N4LTJwd2otaHJxN84AA-Y5

npm flowise
Moderate
over 1 year ago

Flowise Cross-site Scripting in /api/v1/chatflows-streaming/id GSA_kwCzR0hTQS04NThjLXF4dngtcmc5ds4AA-Y8

npm flowise
Moderate
over 1 year ago

Flowise Cross-site Scripting in api/v1/chatflows/id GSA_kwCzR0hTQS0yamNoLXFjOTYtOWY1Z84AA-Y6

npm flowise
Moderate
over 1 year ago

Flowise Cross-site Scripting in/api/v1/credentials/id GSA_kwCzR0hTQS13eG00LTlmOHAtZ2dnds4AA-Y7

npm flowise
High
over 1 year ago

Flowise Path Injection at /api/v1/openai-assistants-file GSA_kwCzR0hTQS1oOTk3LTNmeGotcDVqOM4AA-Y2

npm flowise
High
over 1 year ago

Flowise Cors Misconfiguration in packages/server/src/index.ts GSA_kwCzR0hTQS02NmYyLXh4Z20tZjZ4cM4AA-Y4

npm flowise
High
over 1 year ago

Flowise vulnerable to code injection via api/v1 GSA_kwCzR0hTQS02d3A2LTIyeDUtcnIzd84AA7Y-

npm flowise

Filter by Severity

High 14 Critical 11 Moderate 8