CVE-2025-57164

Medium CVSS: 6.5

Flowise through v3.0.4 is vulnerable to remote code execution via unsanitized evaluation of user input in the "Supabase RPC Filter" field.

Vendor

Product

CWE

Yayın Tarihi

2025-10-17 18:15:37

Güncelleme

2025-10-23 12:33:49

Source Identifier

cve@mitre.org

KEV Date Added

CWE-77 Flowise MEDIUM Flowiseai 2025

https://github.com/FlowiseAI/Flowise https://github.com/FlowiseAI/Flowise/blob/main/packages/components/nodes/vectorstores/Supabase/Supabase.ts#L237 https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-7944-7c6r-55vv

High

CVE-2026-31829

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.0.13, Flowise expose…

High

CVE-2026-30823

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.0.13, there…

High

CVE-2026-30824

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.0.13, the NV…

High

CVE-2026-30822

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.0.13, unauth…

High

CVE-2026-30820

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.0.13, Flowis…

High

CVE-2026-30821

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.0.13, the /a…