Description
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the Chatflow configuration file upload settings can be modified to allow the application/javascript MIME type. This lets an attacker upload .js files even though the frontend doesn’t normally allow JavaScript uploads. This enables attackers to persistently store malicious Node.js web shells on the server, potentially leading to Remote Code Execution (RCE). This vulnerability is fixed in 3.1.0.
Published: 2026-04-23
Score: 7.1 High
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Patch
AI Analysis

Impact

The vulnerability in Flowise lies in the file upload configuration for chatflow definitions. Prior to version 3.1.0 the application allowed the MIME type application/javascript to be selected, which bypassed frontend restrictions and enabled an attacker to upload .js files. These files can contain Node.js web‑shell code that remains stored on the server, allowing an attacker to execute arbitrary code on the host. The flaw is a classic instance of CWE‑434, an unvalidated file type upload that leads to remote code execution.

Affected Systems

Flowise by FlowiseAI is affected: every release prior to 3.1.0 is vulnerable, including any 3.x or 2.x build that ships the drag-and-drop interface for large‑language‑model workflows.

Risk and Exploitability

The CVSS score of 7.1 indicates a serious risk, while the EPSS score of < 1% suggests that, at the time of this analysis, exploitation likelihood is low but not negligible. The vulnerability is not yet listed in CISA’s KEV catalog. An attacker would typically exploit the flaw by accessing the chatflow file upload interface, selecting the allowed MIME type, and uploading a crafted .js file. The attack requires only that the upload endpoint be reachable; authentication is not strictly required if the endpoint is publicly exposed. Because uploaded files persist on the server, a successful upload gives the attacker durable remote code execution on the machine hosting Flowise.

Generated by OpenCVE AI on April 28, 2026 at 07:28 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Flowise to version 3.1.0 or later, which removes the ability to select the application/javascript MIME type for uploads.
  • Temporarily block JavaScript file types in the upload configuration or on the web server to prevent malicious .js uploads if an upgrade cannot be performed immediately.
  • Implement server‑side validation that checks both MIME type and file extension against an allow‑list, ensuring no JavaScript files are accepted.
  • Monitor the upload directories for unexpected .js artifacts and remove any that appear, as a post‑deployment security check.



Advisories
Source: Github GHSA
ID: GHSA-rh7v-6w34-w2rr
Title: Flowise: File Upload Validation Bypass in createAttachment
History

Fri, 24 Apr 2026 19:15:00 +0000

Type: Metrics
Values Added: ssvc
{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 24 Apr 2026 16:45:00 +0000

Type: First Time appeared
Values Added: Flowiseai; Flowiseai flowise
Type: CPEs
Values Added: cpe:2.3:a:flowiseai:flowise:*:*:*:*:*:*:*:*
Type: Vendors & Products
Values Added: Flowiseai; Flowiseai flowise

Thu, 23 Apr 2026 19:45:00 +0000

Type: Description
Values Added: Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the Chatflow configuration file upload settings can be modified to allow the application/javascript MIME type. This lets an attacker upload .js files even though the frontend doesn’t normally allow JavaScript uploads. This enables attackers to persistently store malicious Node.js web shells on the server, potentially leading to Remote Code Execution (RCE). This vulnerability is fixed in 3.1.0.
Type: Title
Values Added: Flowise: File Upload Validation Bypass in createAttachment
Type: Weaknesses
Values Added: CWE-434
Type: References
Type: Metrics
Values Added: cvssV3_1
{'score': 7.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N'}


Subscriptions

Flowiseai Flowise
MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-04-24T18:20:27.952Z

Reserved: 2026-04-18T14:01:46.801Z

Link: CVE-2026-41269

Vulnrichment

Updated: 2026-04-24T14:21:18.400Z

NVD

Status: Modified

Published: 2026-04-23T20:16:15.417

Modified: 2026-04-24T19:17:11.417

Link: CVE-2026-41269

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-28T07:30:26Z

Weaknesses