cbcvebase.
CVE-2025-57164
published 2025-10-17

CVE-2025-57164: Flowise through v3.0.4 is vulnerable to remote code execution via unsanitized evaluation of user input in the "Supabase RPC Filter" field.

Priority: P3 42, medium, 6.5 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
EPSS: 0.58% (43.4th percentile)

Affected

2 ranges
| Vendor | Product | Version range | Fixed in |
| flowiseai | flowise | | |
| flowiseai | flowise | >= 3.0.5 < 3.0.6 | 3.0.6 |