CVE-2025-61913
Published 2025-10-08
Priority: P2 · 75 · critical
CVSS 3.1: 9.9 (AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)
EPSS: 11.85% (95.6th percentile)
Flowise is a drag & drop user interface to build a customized large language model flow. In versions prior to 3.0.8, WriteFileTool and ReadFileTool in Flowise do not restrict file path access, allowing authenticated attackers to exploit this vulnerability to read and write arbitrary files to any path in the file system, potentially leading to remote command execution. Flowise 3.0.8 fixes this vulnerability.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| flowiseai | flowise | < 3.0.8 | 3.0.8 |
| flowiseai | flowise | >= 0 < 3.0.8 | 3.0.8 |
GHSA
Flowise is vulnerable to arbitrary file write through its WriteFileTool
ghsa·2025-10-09
CVE-2025-61913 [CRITICAL] CWE-22 Flowise is vulnerable to arbitrary file write through its WriteFileTool
### Summary
The WriteFileTool in Flowise does not restrict the file path it writes to, allowing authenticated attackers to write arbitrary files to any path in the file system, potentially leading to remote command execution.
### Details
Flowise can provide WriteFileTool to large language models as a tool for writing files to the server's file system. The implementation of this tool is located at packages/components/nodes/tools/WriteFile/WriteFile.ts.
```
/**
 * Class for writing data to files on the disk. Extends the StructuredTool
 * class.
 */
export class WriteFileTool extends StructuredTool {
    static lc_name() {
        return 'WriteFileTool'
    }
    schema = z.object({
        file_path: z.string().desc…
```
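
The control the advisory says is missing, as an added example in Node.js JavaScript (not Flowise's code and not the 3.0.8 patch): a write helper that confines `file_path` to one base directory. The names `resolveInside` and `writeFileConfined`, the workspace layout and the sample paths are hypothetical and constructed for illustration.

```javascript
// Added example (not Flowise's code): confine a tool-supplied file_path to one directory.
const fs = require('node:fs');
const os = require('node:os');
const path = require('node:path');

// lstat does not follow a final symlink, so a dangling link still counts as existing.
function exists(p) { try { fs.lstatSync(p); return true; } catch { return false; } }

// Canonicalise the deepest existing ancestor and re-append the missing tail, so a
// file that does not exist yet is checked against where it would really be created.
function canonical(p) {
  const tail = [];
  let cur = p;
  while (!exists(cur)) {
    tail.unshift(path.basename(cur));
    cur = path.dirname(cur);
  }
  return path.join(fs.realpathSync(cur), ...tail); // throws on a dangling symlink
}

function resolveInside(baseDir, filePath) {
  if (typeof filePath !== 'string' || filePath.includes('\0')) throw new Error('invalid file_path');
  const base = fs.realpathSync(baseDir);
  // path.resolve keeps an absolute filePath as-is; the relative() check then rejects it.
  const target = canonical(path.resolve(base, filePath));
  const rel = path.relative(base, target);
  if (rel === '' || rel === '..' || rel.startsWith('..' + path.sep) || path.isAbsolute(rel)) {
    throw new Error('file_path is outside the workspace');
  }
  return target;
}

function writeFileConfined(baseDir, filePath, text) {
  const target = resolveInside(baseDir, filePath);
  fs.mkdirSync(path.dirname(target), { recursive: true });
  fs.writeFileSync(target, text, 'utf8');
  return target;
}

// Constructed inputs: one legitimate path and four that must be refused.
function demo() {
  const root = fs.mkdtempSync(path.join(os.tmpdir(), 'ws-'));
  const base = path.join(root, 'workspace');
  fs.mkdirSync(path.join(root, 'workspace-old'));  // sibling sharing the name prefix
  fs.mkdirSync(base);
  fs.symlinkSync(root, path.join(base, 'up'));     // symlink that leaves the workspace
  return ['notes/a.txt', '../outside.txt', '/tmp/abs.txt', '../workspace-old/x', 'up/y.txt']
    .map((p) => { try { writeFileConfined(base, p, 'data'); return 'written'; } catch { return 'rejected'; } });
}
```

The check and the write are not atomic, so the base directory should not be writable by other users or processes on the host.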
OSV
Flowise is vulnerable to arbitrary file write through its WriteFileTool
osv·2025-10-09
CVE-2025-61913 [CRITICAL] Flowise is vulnerable to arbitrary file write through its WriteFileTool
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://github.com/FlowiseAI/Flowise/commit/1fb12cd93143592a18995f63b781d25b354d48a3
https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.8
https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-j44m-5v8f-gc9c
https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-jv9m-vf54-chjj