CVE-2026-46475

HIGH(8.8)

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Risk Signal Score27/100 — MITTEL

CVSS 8.8 — Hoch

EPSS-Score

Exploit-Wahrscheinlichkeit (30 Tage)

CVSS Score

8.8

Technische Schwere

Beschreibung

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, assistant create and update mass-assignment allows cross-workspace assistant takeover. This issue has been patched in version 3.1.2.

GitHub Advisories

GHSA-78pr-c5x5-jggcHIGH

FlowiseAI: Assistant create+update mass-assignment allows cross-workspace assistant takeover

npm/flowise→ 3.1.2

GitHub Advisory

Referenzen

https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.1.2
https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-78pr-c5x5-jggc
https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-78pr-c5x5-jggc