flowiseai security advisories
7 threat alerts tracking vulnerabilities and security advisories that affect flowiseai products.
Vulnios monitors flowiseai CVE feeds, vendor advisories, CISA KEV listings, and exploit-prediction data continuously. Each alert below is enriched with severity, exploitation status, affected products, and a remediation path. Use this page to scan recent flowiseai security news in one place, or click into an individual alert for full detail.
Critical Vulnerability: CVE-2026-43995 — flowiseai — flowise
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, multiple tool implementations directly import and invoke raw HTTP clients (node-fetch, axios) i
criticalCVE-2026-43995Critical Vulnerability: CVE-2026-41274 — flowiseai — flowise
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the GraphCypherQAChain node forwards user-provided input directly into the Cypher query executi
criticalCVE-2026-41274Critical Vulnerability: CVE-2026-41265 — flowiseai — flowise
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the specific flaw exists within the run method of the Airtable_Agents class. The issue results
criticalCVE-2026-41265Critical Vulnerability: CVE-2026-41268 — flowiseai — flowise
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, Flowise is vulnerable to a critical unauthenticated remote command execution (RCE) vulnerabilit
criticalCVE-2026-41268Critical Vulnerability: CVE-2026-41276 — flowiseai — flowise
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, this vulnerability allows remote attackers to bypass authentication on affected installations o
criticalCVE-2026-41276Critical Vulnerability: CVE-2026-41264 — flowiseai — flowise
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the specific flaw exists within the run method of the CSV_Agents class. The issue results from
criticalCVE-2026-41264Critical Vulnerability: CVE-2026-40933 — flowiseai — flowise
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, due to unsafe serialization of stdio commands in the MCP adapter, an authenticated attacker can
criticalCVE-2026-40933
Track flowiseai exposure across your environment
Vulnios automatically cross-references your asset inventory against new flowiseai CVEs and surfaces only what affects you. No more sifting manually — actionable findings only.
Start a free scan