SecBoard
Zurück zur CVE-Übersicht

CVE-2026-46479

HIGH(8.8)

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Risk Signal Score22/100 — NIEDRIG
  • CVSS 8.8 — Hoch

EPSS-Score

0%

Exploit-Wahrscheinlichkeit (30 Tage)

CVSS Score

8.8

Technische Schwere

Beschreibung

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, evaluation create and update mass-assignment allows cross-workspace evaluation takeover. This issue has been patched in version 3.1.2.

GitHub Advisories

GHSA-mq53-pc65-wjc4HIGH

FlowiseAI: Evaluation create+update mass-assignment allows cross-workspace evaluation takeover

npm/flowise3.1.2
GitHub Advisory

Referenzen