Vulnerability Database

Total number of vulnerabilities in the DB: 296,278

flowiseai / flowise

You can search for specific versions with https://synscan.net/product/flowise/1.2.3

Title	Severity	Exploit	Date	Affected Version
CVE-2025-29189	High		Apr 9, 2025	<= 2.2.3
CVE-2025-26319	High		Mar 5, 2025	== 2.2.6
CVE-2024-9148	Medium		Sep 25, 2024	< 2.1.1
CVE-2024-8181	High		Aug 27, 2024	== 1.8.2
CVE-2024-8182	High		Aug 27, 2024	== 1.8.2
CVE-2024-37146	Medium		Jul 1, 2024	<= 1.4.3
CVE-2024-37145	Medium		Jul 1, 2024	<= 1.4.3
CVE-2024-36423	Medium		Jul 1, 2024	<= 1.4.3
CVE-2024-36422	Medium		Jul 1, 2024	== 1.4.3
CVE-2024-36421	High		Jul 1, 2024	== 1.4.3

‹
›

1
2
›

flowise

You can search for specific versions with https://synscan.net/product/flowise/1.2.3

Title	Severity	Exploit	Date	Affected Version
Flowise has unsandboxed remote code execution via Custom MCP	High		Sep 15, 2025	>= 2.2.7-patch.1 < 3.0.6
Flowise has arbitrary file access due to missing chat flow id validation	Critical		Sep 15, 2025	>= 2.2.8 < 3.0.6
Flowise has an Arbitrary File Read	Critical		Sep 15, 2025	== 3.0.5 >= 3.0.5 < 3.0.6
Flowise has Remote Code Execution vulnerability	Critical		Sep 15, 2025	== 3.0.5 >= 3.0.5 < 3.0.6
FlowiseAI/Flowise has Server-Side Request Forgery (SSRF) vulnerability	High		Sep 15, 2025	== 3.0.5 >= 3.0.5 < 3.0.6
FlowiseAI Pre-Auth Arbitrary Code Execution	Critical		Sep 15, 2025	== 3.0.5 >= 3.0.5 < 3.0.6
CVE-2025-58434	Critical		Sep 12, 2025	< 3.0.6
CVE-2025-8943	Critical		Aug 14, 2025	<= 3.0.5
CVE-2025-55346	Critical		Aug 14, 2025	<= 3.0.5
FlowiseDB vulnerable to SQL Injection by authenticated users	Medium		Apr 7, 2025	<= 2.2.7

‹
›

1
2
3
›