CVE-2025-57164
published 2025-10-17CVE-2025-57164: Flowise through v3.0.4 is vulnerable to remote code execution via unsanitized evaluation of user input in the "Supabase RPC Filter" field.
PriorityP342medium6.5CVSS 3.1
AVNACLPRNUINSUCLILAN
EPSS
0.58%
43.4th percentile
Flowise through v3.0.4 is vulnerable to remote code execution via unsanitized evaluation of user input in the "Supabase RPC Filter" field.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| flowiseai | flowise | — | — |
| flowiseai | flowise | >= 3.0.5 < 3.0.6 | 3.0.6 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
FlowiseAI Pre-Auth Arbitrary Code Execution
osv·2025-09-15
CVE-2025-57164 [CRITICAL] FlowiseAI Pre-Auth Arbitrary Code Execution
FlowiseAI Pre-Auth Arbitrary Code Execution
## Summary
An authenticated admin user of **FlowiseAI** can exploit the **Supabase RPC Filter** component to execute **arbitrary server-side code** without restriction. By injecting a malicious payload into the filter expression field, the attacker can directly trigger JavaScript's `execSync()` to launch reverse shells, access environment secrets, or perform any OS-level command execution.
This results in **full server compromise** and severe breach of trust boundaries between frontend input and backend execution logic.
## Details
FlowiseAI includes a component called `Supabase.ts`, located at: `packages/components/nodes/vectorstores/Supabase/Supabase.ts#L237`
This creates a function from user-provided string `supabaseRPCFilter` with no fi
GHSA
FlowiseAI Pre-Auth Arbitrary Code Execution
ghsa·2025-09-15
CVE-2025-57164 [CRITICAL] CWE-94 FlowiseAI Pre-Auth Arbitrary Code Execution
FlowiseAI Pre-Auth Arbitrary Code Execution
## Summary
An authenticated admin user of **FlowiseAI** can exploit the **Supabase RPC Filter** component to execute **arbitrary server-side code** without restriction. By injecting a malicious payload into the filter expression field, the attacker can directly trigger JavaScript's `execSync()` to launch reverse shells, access environment secrets, or perform any OS-level command execution.
This results in **full server compromise** and severe breach of trust boundaries between frontend input and backend execution logic.
## Details
FlowiseAI includes a component called `Supabase.ts`, located at: `packages/components/nodes/vectorstores/Supabase/Supabase.ts#L237`
This creates a function from user-provided string `supabaseRPCFilter` with no fi
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2025-10-17
Published