Impact
Flowise instances prior to version 3.1.0 are vulnerable to an unauthenticated remote command execution flaw that allows a parameter override using the FILE‑STORAGE:: keyword combined with a NODE_OPTIONS environment variable injection. Exploitation results in arbitrary system commands executing with the privileges of the containerised Flowise process, typically root. The description states that the commands run in the container; based on this it is inferred that a skilled attacker could potentially impact the host that runs the container, but the CVE does not explicitly claim full host control.
Affected Systems
The affected product is Flowise, a drag‑and‑drop interface for building large language model flows, provided by FlowiseAI. Any installation running a Flowise version earlier than 3.1.0 is susceptible, regardless of the operating system, as long as it is executed within a containerised environment. No further sub‑version or patch details are supplied.
Risk and Exploitability
With a CVSS score of 9.8 the risk is considered Critical. The EPSS score of 14% indicates a notable likelihood that the vulnerability could be actively exploited, and the lack of authentication and single‑request requirement mean that compromised or exposed instances pose a high risk. The vulnerability is not listed in the CISA KEV catalog, yet the high severity and the ability to achieve root privileges make it a top priority. Attackers can reach the target by sending a crafted HTTP request containing the overriding parameters; no additional code execution prerequisites are required beyond the standard service operation. The description suggests that commands execute with container privileges, implying that the host may be affected, but this is inferred and not explicitly stated in the CVE.
OpenCVE Enrichment
Github GHSA