Improper access control in Flowise - #VU131709


Published: May 18, 2026


Vulnerability identifier: #VU131709
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: N/A
CWE-ID: CWE-284
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: FlowiseAI
Affected software:
Flowise

Detailed vulnerability description

The vulnerability allows a remote user to execute arbitrary code.

The vulnerability exists due to improper access control in the MCP command validation logic when processing custom MCP server command configurations. A remote user can supply npx arguments that use the --yes alias, which the validation does not catch, to execute arbitrary code.

Exploitation requires a Flowise account or an API key with view and update permissions for chatflows, and the target environment must have the npx command available.
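To make the class of bug concrete, here is an added illustration that is not Flowise's code and not the vendor's patch: a hypothetical validator that denylists one spelling of npx's auto-install flag, beside a deny-by-default version that normalises the aliases and accepts only an allowlisted, version-pinned package spec. Package names and the allowlist are constructed placeholders.

```javascript
// Added illustration, not Flowise's code and not the vendor's patch.
// npx treats "--yes", "-y" and "--yes=<value>" as the same setting, so a
// validator that only knows one spelling is not access control.

// Map of accepted spellings to the canonical long flag name.
const AUTO_INSTALL_ALIASES = new Map([
  ["--yes", "--yes"],
  ["-y", "--yes"],
]);

// Weak validator (hypothetical, constructed to mirror the bug class in the
// advisory): rejects only the literal "-y" token and nothing else.
function weakValidate(args) {
  return !args.includes("-y");
}

// Reduce one argv token to a canonical flag name; null for non-flag tokens.
// "--yes=true" -> "--yes", "-y" -> "--yes", "--foo" -> "--foo".
function canonicalFlag(token) {
  if (!token.startsWith("-")) return null;
  const name = token.split("=", 1)[0];
  return AUTO_INSTALL_ALIASES.get(name) ?? name;
}

// Hardened validator: deny by default. No npx option of any spelling is
// accepted, and the package spec must exactly match an allowlisted,
// version-pinned entry. Flag-like arguments meant for the server itself are
// rejected too; extend the allowlist per package if those are needed.
function strictValidate(args, allowedSpecs) {
  if (args.length === 0) return { ok: false, reason: "empty command" };
  for (const token of args) {
    if (canonicalFlag(token) !== null) {
      return { ok: false, reason: `npx option not permitted: ${token}` };
    }
  }
  if (!allowedSpecs.has(args[0])) {
    return { ok: false, reason: `package not allowlisted: ${args[0]}` };
  }
  return { ok: true, reason: "" };
}

// Constructed sample configurations (placeholder package names).
const ALLOWED = new Set(["example-mcp-server@1.2.3"]);
const SAMPLES = [
  ["-y", "untrusted-pkg"],                   // weak check catches this spelling
  ["--yes", "untrusted-pkg"],                // weak check misses the alias
  ["--yes=true", "untrusted-pkg"],           // weak check misses "=value" form
  ["example-mcp-server@1.2.3", "/srv/data"], // allowlisted, pinned spec
];
for (const args of SAMPLES) {
  console.log(JSON.stringify(args), "weak:", weakValidate(args),
    "strict:", strictValidate(args, ALLOWED).ok);
}
```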


Remediation

Install the security update from the vendor's website.

Sources