CVE-2025-26319

Critical CVSS: 9.8

FlowiseAI Flowise v2.2.6 was discovered to contain an arbitrary file upload vulnerability in /api/v1/attachments.

Vendor

Product

CWE

Yayın Tarihi

2025-03-04 22:15:40

Güncelleme

2025-06-24 00:50:39

Source Identifier

cve@mitre.org

KEV Date Added

CWE-434 Flowise CRITICAL Flowiseai 2025

https://github.com/dorattias/CVE-2025-26319 https://github.com/dorattias/CVE-2025-26319

High

CVE-2026-31829

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.0.13, Flowise expose…

High

CVE-2026-30823

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.0.13, there…

High

CVE-2026-30824

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.0.13, the NV…

High

CVE-2026-30822

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.0.13, unauth…

High

CVE-2026-30820

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.0.13, Flowis…

High

CVE-2026-30821

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.0.13, the /a…