Description
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the GraphCypherQAChain node forwards user-provided input directly into the Cypher query execution pipeline without proper sanitization. An attacker can inject arbitrary Cypher commands that are executed on the underlying Neo4j database, enabling data exfiltration, modification, or deletion. This vulnerability is fixed in 3.1.0.
Published: 2026-04-23
Score: 9.3 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Data exfiltration, modification, or deletion in the Neo4j database via Cypher injection
Action: Patch Immediately
AI Analysis

Impact

GraphCypherQAChain in Flowise forwards unfiltered user input into Cypher queries executed against a Neo4j database. The vulnerability permits injection of arbitrary Cypher commands, allowing an attacker to read, modify, or delete database contents. The flaw is a classic example of query injection, classified under CWE-943 (improper neutralization of special elements in data query logic), and directly compromises data confidentiality, integrity, and availability.

Affected Systems

The affected products are FlowiseAI: Flowise and FlowiseAI: flowise-components. All installations using a version earlier than 3.1.0 are susceptible. Versions 3.1.0 and later include the fix that sanitizes user input before query execution.

Risk and Exploitability

The CVSS score of 9.3 reflects the severity of the injection. The EPSS score of less than 1% indicates that, as of the data snapshot, the probability of exploitation is low. The vulnerability is not listed in the CISA KEV catalog, implying no known widespread exploitation. An attacker can exploit it remotely by entering malicious Cypher through the user interface; no special privileges are required beyond access to the Flowise application.

Generated by OpenCVE AI on April 28, 2026 at 14:42 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Flowise and flowise-components to version 3.1.0 or later to apply the vendor-supplied input sanitization fix.
  • If an upgrade cannot be applied immediately, restrict access to the Flowise application to trusted administrators and prohibit end users from adding or configuring the GraphCypherQAChain node in their flows.
  • Monitor Neo4j query logs and audit user input to detect abnormal or malicious Cypher statements, and apply additional logging or alerts as appropriate.
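As an added illustration of the monitoring step above (example code written for this page, not part of the OpenCVE advisory or of Flowise itself), the following Node.js script scans constructed, simplified Neo4j-style query-log rows and flags any statement that contains write or administrative Cypher clauses. A question-answering chain should only ever issue read queries, so a DELETE, SET, CREATE, MERGE, DROP, LOAD CSV or procedure CALL in its traffic is a strong signal worth alerting on. String literals are blanked first so that a word such as SET inside a quoted user question does not trigger a false alert. The tab-separated log layout, the `flowise` user name and the clause list are assumptions; Neo4j's real query log carries more fields, and parseLogLine would need to be adapted to it.

```javascript
'use strict';

// Constructed sample log, simplified to "timestamp<TAB>user<TAB>cypher" rows.
// This is NOT Neo4j's real query.log layout; adapt parseLogLine for real files.
const SAMPLE_LOG = [
  "2026-04-28T14:42:01Z\tflowise\tMATCH (p:Person)-[:ACTED_IN]->(m:Movie {title: 'Set It Off'}) RETURN p.name",
  "2026-04-28T14:42:05Z\tflowise\tMATCH (n) DETACH DELETE n",
  "2026-04-28T14:42:09Z\tflowise\tMATCH (u:User) SET u.role = 'admin' RETURN u",
  "2026-04-28T14:42:12Z\tflowise\tCALL dbms.components() YIELD name RETURN name",
  "2026-04-28T14:42:15Z\tflowise\tMATCH (m:Movie) RETURN m.title, m.released ORDER BY m.released DESC LIMIT 5",
];

// Clauses a read-only QA chain has no business issuing. Assumed list; extend as needed.
const WRITE_OR_ADMIN_CLAUSES = [
  { name: 'DELETE',         re: /\b(?:DETACH\s+)?DELETE\b/i },
  { name: 'SET',            re: /\bSET\b/i },
  { name: 'REMOVE',         re: /\bREMOVE\b/i },
  { name: 'CREATE',         re: /\bCREATE\b/i },
  { name: 'MERGE',          re: /\bMERGE\b/i },
  { name: 'DROP',           re: /\bDROP\b/i },
  { name: 'LOAD CSV',       re: /\bLOAD\s+CSV\b/i },
  { name: 'CALL procedure', re: /\bCALL\s+(?:dbms|db|apoc)\./i },
];

// Blank out single/double-quoted string literals (honouring backslash escapes)
// and backtick-quoted identifiers, so keywords inside user-supplied text are ignored.
function stripLiterals(cypher) {
  return cypher
    .replace(/'(?:\\.|[^'\\])*'|"(?:\\.|[^"\\])*"/g, "''")
    .replace(/`[^`]*`/g, '`id`');
}

// Return the names of all write/admin clauses present in the statement.
function findWriteClauses(cypher) {
  const code = stripLiterals(cypher);
  return WRITE_OR_ADMIN_CLAUSES.filter((c) => c.re.test(code)).map((c) => c.name);
}

// Split one constructed log row into its fields; the Cypher may itself contain tabs.
function parseLogLine(line) {
  const [ts, user, ...rest] = line.split('\t');
  if (!ts || !user || rest.length === 0) return null;
  return { ts, user, cypher: rest.join('\t') };
}

// Walk the log and collect every row that carries a flagged clause.
function analyzeLogLines(lines) {
  const findings = [];
  for (const line of lines) {
    const entry = parseLogLine(line);
    if (!entry) continue;
    const clauses = findWriteClauses(entry.cypher);
    if (clauses.length > 0) findings.push({ ...entry, clauses });
  }
  return findings;
}

// Stand-alone run: print one alert line per flagged statement.
for (const f of analyzeLogLines(SAMPLE_LOG)) {
  console.log(`ALERT ${f.ts} user=${f.user} clauses=${f.clauses.join(',')} :: ${f.cypher}`);
}
```

Run against the sample, the first and last rows pass (the SET in 'Set It Off' sits inside a literal) and the three middle rows are reported. In production the same findWriteClauses check can be applied to the Cypher text the chain is about to execute, before it reaches the database, which gives a blocking control rather than an after-the-fact alert; the cleanest long-term fix remains upgrading to 3.1.0 and running the chain under a database user restricted to read access.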

Generated by OpenCVE AI on April 28, 2026 at 14:42 UTC.


Advisories
Source: GitHub GHSA
ID: GHSA-28g4-38q8-3cwc
Title: Flowise: Cypher Injection in GraphCypherQAChain
History

Mon, 04 May 2026 18:45:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:flowiseai:flowise:*:*:*:*:*:*:*:*
Metrics cvssV3_1: {'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}


Mon, 27 Apr 2026 21:45:00 +0000

Type Values Removed Values Added
First Time appeared: Flowiseai; Flowiseai flowise; Flowiseai flowise-components
Vendors & Products: Flowiseai; Flowiseai flowise; Flowiseai flowise-components

Fri, 24 Apr 2026 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc: {'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Thu, 23 Apr 2026 21:45:00 +0000

Type Values Removed Values Added
Description Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the GraphCypherQAChain node forwards user-provided input directly into the Cypher query execution pipeline without proper sanitization. An attacker can inject arbitrary Cypher commands that are executed on the underlying Neo4j database, enabling data exfiltration, modification, or deletion. This vulnerability is fixed in 3.1.0.
Title Flowise: Cypher Injection in GraphCypherQAChain
Weaknesses CWE-943
References
Metrics cvssV4_0: {'score': 9.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-04-24T18:19:51.514Z

Reserved: 2026-04-18T14:01:46.802Z

Link: CVE-2026-41274

Vulnrichment

Updated: 2026-04-24T16:20:43.147Z

NVD

Status: Analyzed

Published: 2026-04-23T22:16:38.740

Modified: 2026-05-04T18:33:02.967

Link: CVE-2026-41274

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-28T14:45:16Z

Weaknesses