Description
Flowise before 3.0.6 contains an arbitrary file read vulnerability in the chatId parameter of the /api/v1/get-upload-file and /api/v1/openai-assistants-file/download endpoints. The chatId value is not validated and is passed to streamStorageFile(), where a fallback file-lookup path constructed without the orgId is evaluated after the storage-directory containment check, allowing path traversal beyond the intended storage directory. Unauthenticated attackers can read sensitive files such as /root/.flowise/database.sqlite, exposing all database content in the default configuration.
Published: 2026-06-25
Score: 8.7 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Flowise instances that run a version prior to 3.0.6 have an arbitrary file read weakness in the chatId parameter of the /api/v1/get-upload-file and /api/v1/openai-assistants-file/download endpoints. The parameter is not validated and is passed directly to streamStorageFile(), where a fallback file‑lookup path that excludes the orgId is evaluated after a storage‑directory containment check. This allows an attacker to perform path traversal and read any file on the host that the kernel process can access, including sensitive files such as /root/.flowise/database.sqlite. Exposure of the database content would reveal all stored data. The flaw falls under CWE‑73 Path Traversal.

Affected Systems

Vendors: Flowise. Product: Flowise. Affected versions: all releases older than 3.0.6.

Risk and Exploitability

The CVSS score of 8.7 indicates a high severity exploitation risk. Although no EPSS score is currently available and the vulnerability is not listed in the CISA KEV catalog, the flaw is exploitable by unauthenticated attackers through the publicly reachable HTTP endpoints. The lack of authentication and the parameter validation bug make the attack straightforward once the target is identified. The potential impact is the compromise of confidential database contents and the broader risk of further data exposure or subsequent attacks.

Generated by OpenCVE AI on June 25, 2026 at 23:25 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the Flowise 3.0.6 or later patch to eliminate the unvalidated chatId parameter.
  • If a patch cannot be applied immediately, restrict access to the /api/v1/get-upload-file and /api/v1/openai-assistants-file/download endpoints with authentication, network segmentation, or IP whitelisting to prevent unauthenticated use.
  • Re‑evaluate file system permissions to ensure that the Flowise process cannot read sensitive files such as database.sqlite; remove or restrict direct access to such files from the web server context.

Generated by OpenCVE AI on June 25, 2026 at 23:25 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 25 Jun 2026 22:00:00 +0000

Type Values Removed Values Added
Description Flowise before 3.0.6 contains an arbitrary file read vulnerability in the chatId parameter of the /api/v1/get-upload-file and /api/v1/openai-assistants-file/download endpoints. The chatId value is not validated and is passed to streamStorageFile(), where a fallback file-lookup path constructed without the orgId is evaluated after the storage-directory containment check, allowing path traversal beyond the intended storage directory. Unauthenticated attackers can read sensitive files such as /root/.flowise/database.sqlite, exposing all database content in the default configuration.
Title Flowise - Arbitrary File Read via chatId Parameter
First Time appeared Flowiseai
Flowiseai flowise
Weaknesses CWE-73
CPEs cpe:2.3:a:flowiseai:flowise:*:*:*:*:*:*:*:*
Vendors & Products Flowiseai
Flowiseai flowise
References
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}

cvssV4_0

{'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N'}

Subscriptions

Flowiseai Flowise
cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-06-25T21:41:02.849Z

Reserved: 2026-06-08T20:44:31.209Z

Link: CVE-2025-71324

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-25T23:30:16Z

Weaknesses
  • CWE-73

    External Control of File Name or Path