Skip to content
  • Home
  • Cyber Map
  • About Us – Contact
  • Disclaimer
  • Terms and Rules
  • Privacy Policy
Cyber Web Spider Blog – News

Cyber Web Spider Blog – News

Globe Threat Map provides a real-time, interactive 3D visualization of global cyber threats. Monitor DDoS attacks, malware, and hacking attempts with geo-located arcs on a rotating globe. Stay informed with live logs and archive stats.

  • Home
  • Cyber Map
  • Cyber Security News
  • Security Week News
  • The Hacker News
  • How To?
  • Toggle search form
Flowise Vulnerability Exploited by Hackers

Flowise Vulnerability Exploited by Hackers

Posted on April 7, 2026 By CWS

Security experts have issued a warning that a significant vulnerability in the Flowise platform is being actively exploited by cybercriminals. This flaw, identified as CVE-2025-59528 with a critical CVSS score of 10, permits attackers to execute arbitrary code remotely, according to a report by VulnCheck.

Understanding the Flowise Vulnerability

Flowise, known for its ability to develop customized LLM flows and autonomous agents through a user-friendly drag-and-drop interface, has been compromised due to a lack of validation in user-supplied JavaScript code. This code is processed in a function that handles configuration settings for connecting to an external MCP.

The vulnerability arises because the input provided by users to set up the MCP server configuration is directly evaluated and executed as JavaScript code. This process occurs with full Node.js runtime privileges, leading to potential remote code execution and unauthorized access to the file system.

Impact and Potential Threats

The successful exploitation of this bug could result in attackers taking over vulnerable systems and stealing sensitive data. Flowise has highlighted the severity of this issue, noting that only an API token is needed for exploitation, which poses substantial risks to business operations and customer data.

The flaw affects Flowise versions up to 3.0.5. However, a patch was issued in version 3.0.6, released in September 2025, to address this security defect. Despite the availability of this patch, VulnCheck has observed active attempts to exploit this vulnerability, indicating that attackers are targeting systems that have yet to be updated.

Current Exploitation and Precautionary Measures

VulnCheck has reported that between 12,000 and 15,000 Flowise instances are publicly accessible, although the exact number running vulnerable versions is unknown. This substantial internet-facing attack surface increases the potential for opportunistic scanning and exploitation by cybercriminals.

Caitlin Condon, VP of security research at VulnCheck, emphasized the criticality of this vulnerability given Flowise’s popularity among large corporations. She noted that the vulnerability has been known for over six months, providing defenders ample time to patch systems.

Organizations using Flowise are urged to update to the latest version to mitigate these risks. As attackers continue to exploit this vulnerability, ensuring systems are secure is crucial to protect sensitive information and maintain business continuity.

Security Week News Tags:API token, CVE-2025-59528, Cybersecurity, Flowise, Flowise versions, Hackers, internet security, MCP server, Node.js, Patch, remote code execution, Security, security risk, VulnCheck, Vulnerability

Post navigation

Previous Post: Critical Docker Vulnerability Allows Host Access
Next Post: Android Zero-Interaction Bug Sparks Urgent Security Patch

Related Posts

Offroad Secures M Funding to Address Identity Risks Offroad Secures $7M Funding to Address Identity Risks Security Week News
Archetyp Dark Web Market Shut Down by Law Enforcement Archetyp Dark Web Market Shut Down by Law Enforcement Security Week News
Cerby Raises  Million for Identity Automation Platform Cerby Raises $40 Million for Identity Automation Platform Security Week News
Wynn Resorts Confirms Data Breach Amid Cybersecurity Concerns Wynn Resorts Confirms Data Breach Amid Cybersecurity Concerns Security Week News
QNAP Resolves Flaws Revealed at Pwn2Own 2025 QNAP Resolves Flaws Revealed at Pwn2Own 2025 Security Week News
Depthfirst Raises  Million for Vulnerability Management Depthfirst Raises $40 Million for Vulnerability Management Security Week News

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Recent Posts

  • GitLost Flaw Exposes GitHub Repos via AI Workflow
  • VECT and TeamPCP: Unveiling the Ransomware Supply Chain Strategy
  • Global Expansion of Gentlemen Ransomware Threats
  • Critical Flaw in Google Dialogflow CX Exposed
  • Vulnerability in GCP Dialogflow Enables Malicious Code Injection

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Archives

  • July 2026
  • June 2026
  • May 2026
  • April 2026
  • March 2026
  • February 2026
  • January 2026
  • December 2025
  • November 2025
  • October 2025
  • September 2025
  • August 2025
  • July 2025
  • June 2025
  • May 2025

Recent Posts

  • GitLost Flaw Exposes GitHub Repos via AI Workflow
  • VECT and TeamPCP: Unveiling the Ransomware Supply Chain Strategy
  • Global Expansion of Gentlemen Ransomware Threats
  • Critical Flaw in Google Dialogflow CX Exposed
  • Vulnerability in GCP Dialogflow Enables Malicious Code Injection

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Copyright © 2026 Cyber Web Spider Blog – News.

Powered by PressBook Masonry Dark