CVE-2024-58351
published 2026-06-20CVE-2024-58351: Flowise before 2.1.4 allows configuration to be injected into the Chainflow during execution via the overrideConfig option, supported in both the frontend web…
PriorityP263critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
0.65%
46.4th percentile
Flowise before 2.1.4 allows configuration to be injected into the Chainflow during execution via the overrideConfig option, supported in both the frontend web integration and the backend Prediction API. Because this feature is enabled by default with no allow-list of permitted variables and relies on vm2 for sandboxing, an attacker can abuse it to achieve remote code execution and sandbox escape, denial of service by crashing the server, server-side request forgery, prompt injection, and server variable and data exfiltration. These issues are self-targeted and do not persist to other users.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| flowise | flowise | < 2.1.4 | 2.1.4 |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv4.09.3CRITICALCVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
Flowise up to 2.1.3 Configuration code injection (GHSA-5cph-wvm9-45gj / EUVD-2024-55642)
vuldb·2026-06-20·CVSS 9.8
CVE-2024-58351 [CRITICAL] Flowise up to 2.1.3 Configuration code injection (GHSA-5cph-wvm9-45gj / EUVD-2024-55642)
A vulnerability marked as critical has been reported in Flowise up to 2.1.3. Affected by this vulnerability is an unknown functionality of the component Configuration Handler. Performing a manipulation results in code injection.
This vulnerability is reported as CVE-2024-58351. The attack is possible to be carried out remotely. No exploit exists.
It is suggested to upgrade the affected component.
GHSA
Flowise before 2.1.4 allows configuration to be injected into the Chainflow during execution via the overrideConfig option, supported in both the frontend web integration and the backend Prediction AP
ghsa_unreviewed·2026-06-20
CVE-2024-58351 [CRITICAL] CWE-94 Flowise before 2.1.4 allows configuration to be injected into the Chainflow during execution via the overrideConfig option, supported in both the frontend web integration and the backend Prediction AP
Flowise before 2.1.4 allows configuration to be injected into the Chainflow during execution via the overrideConfig option, supported in both the frontend web integration and the backend Prediction API. Because this feature is enabled by default with no allow-list of permitted variables and relies on vm2 for sandboxing, an attacker can abuse it to achieve remote code execution and sandbox escape, denial of service by crashing the server, server-side request forgery, prompt injection, and server variable and data exfiltration. These issues are self-targeted and do not persist to other users.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2026-06-20
Published