CVE-2026-30822
Published 2026-03-07
CVE-2026-30822: Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.0.13, unauthenticated users can inject arbitrary…
Priority: P2 | 64 | high | CVSS 3.0 base score 7.7
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
EPSS: 12.90% (95.8th percentile)
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.0.13, unauthenticated users can inject arbitrary values into internal database fields when creating leads. This issue has been patched in version 3.0.13.
Affected (2 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| flowiseai | flowise | < 3.0.13 | 3.0.13 |
| flowiseai | flowise | >= 0 < 3.0.13 | 3.0.13 |
Detection & IOCs (extracted from sources)
- CVE-2026-30822 affects Flowise versions prior to 3.0.13; unauthenticated users can inject arbitrary values into internal database fields when creating leads. Monitor unauthenticated POST requests to lead-creation endpoints for unexpected or oversized field values.
- The vulnerability is exploitable without authentication; any Flowise instance prior to 3.0.13 that exposes its lead-creation API publicly is at risk.
OSV · 2026-03-06
CVE-2026-30822 [HIGH] Flowise Allows Mass Assignment in `/api/v1/leads` Endpoint
## Summary
**A Mass Assignment vulnerability in the `/api/v1/leads` endpoint allows any unauthenticated user to control internal entity fields (`id`, `createdDate`, `chatId`) by including them in the request body.**
The endpoint uses `Object.assign()` to copy all properties from the request body to the Lead entity without any input validation or field filtering. This allows attackers to bypass auto-generated fields and inject arbitrary values.
| Field | Value |
|-------|-------|
| **Vulnerability Type** | Mass Assignment |
| **CWE ID** | [CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes](https://cwe.mitre.org/data/definitions/915.html) |
| **Authentication Required** | None |
| **Affected
GHSA · 2026-03-06
CVE-2026-30822 [HIGH] CWE-915 Flowise Allows Mass Assignment in `/api/v1/leads` Endpoint
No detection rules found.
No public exploits indexed.
Wiz · blogs_wiz · CVSS 8.2
CVE-2026-30822 [HIGH] CVE-2026-30822 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-30822: Flowise vulnerability analysis and mitigation
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.0.13, unauthenticated users can inject arbitrary values into internal database fields when creating leads. This issue has been patched in version 3.0.13.
Source : NVD
Score 7.7
Published March 7, 2026
Severity HIGH
CNA Score 7.7
Affected Technologies
Flowise
Has Public Exploit Yes
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 39.5
Exploitation Probability (EPSS) 0.2
Affected packages and libraries
flowise
Sources
NVD
npm Severity HIGH Has Fix Added at: Mar 08, 2026
Wiz · blogs_wiz · CVSS 8.2
CVE-2026-30821 [HIGH] CVE-2026-30821 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-30821: Flowise vulnerability analysis and mitigation
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.0.13, the /api/v1/attachments/:chatflowId/:chatId endpoint is listed in WHITELIST_URLS, allowing unauthenticated access to the file upload API. While the server validates uploads based on the MIME types defined in chatbotConfig.fullFileUpload.allowedUploadFileTypes, it implicitly trusts the client-provided Content-Type header (file.mimetype) without verifying the file's actual content (magic bytes) or extension (file.originalname). Consequently, an attacker can bypass this restriction by spoofing the Content-Type as a permitted type (e.g., application/pdf) while uploading malicious scripts or arbitrary files. Once up
Wiz · blogs_wiz · CVSS 8.2
CVE-2026-30824 [HIGH] CVE-2026-30824 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-30824: Flowise vulnerability analysis and mitigation
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.0.13, the NVIDIA NIM router (/api/v1/nvidia-nim/*) is whitelisted in the global authentication middleware, allowing unauthenticated access to privileged container management and token generation endpoints. This issue has been patched in version 3.0.13.
Source : NVD
Score 7.7
Published March 7, 2026
Severity HIGH
CNA Score 7.7
Affected Technologies
Flowise
Has Public Exploit Yes
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 10.4
Exploitation Probability (EPSS) N/A
Affected packages and libraries
flowise
Sources
NVD
npm Severit
Wiz · blogs_wiz · CVSS 8.7
CVE-2026-30820 [HIGH] CVE-2026-30820 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-30820: Flowise vulnerability analysis and mitigation
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.0.13, Flowise trusts any HTTP client that sets the header x-request-from: internal, allowing an authenticated tenant session to bypass all /api/v1/** authorization checks. With only a browser cookie, a low-privilege tenant can invoke internal administration endpoints (API key management, credential stores, custom function execution, etc.), effectively escalating privilege. This issue has been patched in version 3.0.13.
Source : NVD
Score 8.7
Published March 7, 2026
Severity HIGH
CNA Score 8.7
Affected Technologies
Flowise
Has Public Exploit Yes
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA K
Wiz · blogs_wiz
GHSA-jc5m-wrp2-qq38 Impact, Exploitability, and Mitigation Steps | Wiz
## GHSA-jc5m-wrp2-qq38: Flowise vulnerability analysis and mitigation
## Summary
/api/v1/account/forgot-password
## Vulnerability Details
| Field | Value |
|---|---|
| CWE | CWE-200: Exposure of Sensitive Information to an Unauthorized Actor |
| Affected File | `packages/server/src/enterprise/services/account.service.ts` |
| Endpoint | `POST /api/v1/account/forgot-password` |
| Authentication | None required |
| CVSS 3.1 | 3.7 (Low) |
## Root Cause
File `account.service.ts`, method `forgotPassword`:

```ts
public async forgotPassword(data: AccountDTO) {
    // ...
    const user = await this.userService.readUserByEmail(data.user.email, queryRunner)
    if (!user) throw new InternalFlowiseError(StatusCodes.NOT_FOUND, UserErrorMessage.USER_NOT_FOUND)
    data.user = user
    // ... password reset logic ...
    return sanitizeUser(data.user) // Returns user object with PII
}
```
Wiz · blogs_wiz · CVSS 8.2
CVE-2026-31829 [HIGH] CVE-2026-31829 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-31829: Flowise vulnerability analysis and mitigation
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.0.13, Flowise exposes an HTTP Node in AgentFlow and Chatflow that performs server-side HTTP requests using user-controlled URLs. By default, there are no restrictions on target hosts, including private/internal IP ranges (RFC 1918), localhost, or cloud metadata endpoints. This enables Server-Side Request Forgery (SSRF), allowing any user interacting with a publicly exposed chatflow to force the Flowise server to make requests to internal network resources that are inaccessible from the public internet. This vulnerability is fixed in 3.0.13.
Source : NVD
Score 8.8
Published March 10, 2026
Severity HIGH
CNA Score 7.
Wiz · blogs_wiz · CVSS 8.2
CVE-2026-30823 [HIGH] CVE-2026-30823 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-30823: Flowise vulnerability analysis and mitigation
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.0.13, there is an IDOR vulnerability, leading to account takeover and enterprise feature bypass via SSO configuration. This issue has been patched in version 3.0.13.
Source : NVD
Score 8.8
Published March 7, 2026
Severity HIGH
CNA Score 8.8
Affected Technologies
Flowise
Has Public Exploit Yes
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 4.7
Exploitation Probability (EPSS) N/A
Affected packages and libraries
flowise
Sources
NVD
npm Severity HIGH Has Fix Added at: Mar 08, 2026
Wiz · blogs_wiz
GHSA-x2g5-fvc2-gqvp Impact, Exploitability, and Mitigation Steps | Wiz
## GHSA-x2g5-fvc2-gqvp: Flowise vulnerability analysis and mitigation
## Description
The default bcrypt salt rounds is set to 5, which is below the recommended minimum for security.
## Affected Code
```ts
import bcrypt from 'bcryptjs' // import added for completeness; the advisory excerpt omits it and the module name is assumed

export function getHash(value: string) {
    // Cost factor taken from the environment, defaulting to 5 when unset
    const salt = bcrypt.genSaltSync(parseInt(process.env.PASSWORD_SALT_HASH_ROUNDS || '5'))
    return bcrypt.hashSync(value, salt)
}
```
## Evidence
Using 5 salt rounds provides 2^5 = 32 iterations, which is far below the OWASP recommendation of 10 (2^10 = 1024 iterations) for bcrypt. This makes password hashes vulnerable to brute-force attacks with modern hardware.
## Impact
Faster password cracking - in the event of database compromise, attackers can crack password hashes significantly faster than with proper salt rounds, potentially compromising
Published 2026-03-07