Description
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, all CRUD endpoints for OpenAI Assistants Vector Store have no authentication middleware and the route path /api/v1/openai-assistants-vector-store is not in WHITELIST_URLS. However, it is also not protected by the main auth middleware when accessed via API key — the route requires API key auth (not whitelisted), but no permission checks exist on any operation. This issue has been patched in version 3.1.2.
Published: 2026-06-08
Score: 8.7 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Flowise, a drag‑and‑drop interface for building AI workflows, contains a flaw where CRUD endpoints for OpenAI Assistants Vector Store lack permission checks. The route /api/v1/openai-assistants-vector-store is not protected by the main authentication middleware, even when accessed with an API key, and is not included in the whitelisting list. Based on the description, it is inferred that an attacker who obtains a valid API key can therefore create, read, update, or delete entries in the vector store without restriction, potentially compromising confidentiality and integrity of stored data. The weakness is classified as CWE‑862, a missing permission check.

Affected Systems

The affected product is Flowise by FlowiseAI, all releases prior to version 3.1.2. No other versions are impacted once the update is applied.

Risk and Exploitability

The CVSS score of 8.7 indicates high severity. Although EPSS data is unavailable, it is inferred that the vulnerability can be exploited remotely if an attacker can acquire an API key. The CVE is not listed in CISA’s KEV catalog, but the presence of unprotected endpoints suggests a high likelihood of abuse in environments where API keys are distributed or logged. If the API key is compromised, an attacker could bypass all validation and manipulate the vector store freely.

Generated by OpenCVE AI on June 8, 2026 at 17:07 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Flowise to version 3.1.2 or later, where the CRUD endpoints are protected by proper permission checks.
  • Restrict the use of API keys to the minimum required scopes and consider implementing custom role‑based access control to the vector store endpoints.
  • Continuously monitor API usage logs for unauthorized attempts to access /api/v1/openai-assistants-vector-store and apply rate limiting or audit alerts as appropriate.

Generated by OpenCVE AI on June 8, 2026 at 17:07 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Github GHSA Github GHSA GHSA-hmg2-jjjx-jcp2 FlowiseAI: Vector Store No Permission Checks
History

Mon, 08 Jun 2026 17:00:00 +0000

Type Values Removed Values Added
First Time appeared Flowiseai
Flowiseai flowise
Vendors & Products Flowiseai
Flowiseai flowise

Mon, 08 Jun 2026 16:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Mon, 08 Jun 2026 15:45:00 +0000

Type Values Removed Values Added
Description Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, all CRUD endpoints for OpenAI Assistants Vector Store have no authentication middleware and the route path /api/v1/openai-assistants-vector-store is not in WHITELIST_URLS. However, it is also not protected by the main auth middleware when accessed via API key — the route requires API key auth (not whitelisted), but no permission checks exist on any operation. This issue has been patched in version 3.1.2.
Title Flowise: Vector Store No Permission Checks
Weaknesses CWE-862
References
Metrics cvssV4_0

{'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}

Subscriptions

Flowiseai Flowise
cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-06-08T15:54:18.205Z

Reserved: 2026-05-13T22:18:22.831Z

Link: CVE-2026-46444

cve-icon Vulnrichment

Updated: 2026-06-08T15:54:13.736Z

cve-icon NVD

Status : Received

Published: 2026-06-08T16:16:41.660

Modified: 2026-06-08T16:16:41.660

Link: CVE-2026-46444

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-08T17:15:28Z

Weaknesses