Description
Flowise before 3.1.2 contains an information disclosure vulnerability in the /api/v1/chatflows/apikey/:apikey endpoint. When the keyonly query parameter is omitted (the default), the endpoint returns not only the chatflows bound to the supplied API key but also all chatflows across every workspace that have no API key assigned, because the underlying query lacks any workspace filter. An attacker with a valid API key for one workspace can therefore retrieve the full ChatFlow configuration (including flowData with system prompts and node configurations, chatbotConfig, apiConfig, and credential IDs) of unprotected chatflows belonging to other workspaces.
Published: 2026-06-22
Score: 5.3 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Flowise versions prior to 3.1.2 expose chatflow configurations across all workspaces when the keyonly query parameter is omitted. An attacker possessing a valid API key from one workspace can trigger the /api/v1/chatflows/apikey/:apikey endpoint to retrieve not only the chatflows tied to that key but also all unprotected chatflows belonging to other workspaces. The disclosed data includes internal flow structure, system prompts, node settings, chatbot configuration, API settings, and credential identifiers. This vulnerability is classified as CWE‑863, a missing enforcement of a required feature or function, resulting in a confidentiality breach of sensitive configuration information. No arbitrary code execution or denial of service capability is present.

Affected Systems

The flaw affects all Flowise deployments using versions earlier than 3.1.2, including the 3.0.x release line and earlier releases. Any installation of Flowise that has unprotected chatflows or that exposes the /api/v1/chatflows/apikey endpoint to users with API keys is susceptible.

Risk and Exploitability

The CVSS score of 5.3 indicates moderate severity. The exploitation requires possession of an existing API key from any workspace; no additional authentication is needed. The lack of a workspace filter makes the vulnerability trivial to exploit for users who obtain a key. EPSS data is unavailable, and the vulnerability has not been listed in CISA's KEV catalog, suggesting no known large‑scale active exploitation yet. Nevertheless, the ease of exploitation combined with the exposure of potentially sensitive configuration data warrants timely mitigation.

Generated by OpenCVE AI on June 22, 2026 at 23:29 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Flowise to version 3.1.2 or later, which restores the workspace filter for the API key queries.
  • Ensure that all chatflows not requiring authentication have no associated API keys, or remove them entirely to eliminate accidental exposure.
  • Apply application‑level access controls by validating the requester's workspace before returning chatflow data, thereby reinforcing boundary checks even if a future regression reintroduces a similar flaw.

Generated by OpenCVE AI on June 22, 2026 at 23:29 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Github GHSA Github GHSA GHSA-c2c9-mfw7-p8hw Flowise: Cross-Workspace Chatflow Disclosure via chatflows/apikey Endpoint Returns All Unprotected Chatflows
History

Mon, 22 Jun 2026 22:00:00 +0000

Type Values Removed Values Added
Description Flowise before 3.1.2 contains an information disclosure vulnerability in the /api/v1/chatflows/apikey/:apikey endpoint. When the keyonly query parameter is omitted (the default), the endpoint returns not only the chatflows bound to the supplied API key but also all chatflows across every workspace that have no API key assigned, because the underlying query lacks any workspace filter. An attacker with a valid API key for one workspace can therefore retrieve the full ChatFlow configuration (including flowData with system prompts and node configurations, chatbotConfig, apiConfig, and credential IDs) of unprotected chatflows belonging to other workspaces.
Title Flowise - Cross-Workspace Information Disclosure via chatflows/apikey Endpoint
First Time appeared Flowiseai
Flowiseai flowise
Weaknesses CWE-863
CPEs cpe:2.3:a:flowiseai:flowise:*:*:*:*:*:*:*:*
Vendors & Products Flowiseai
Flowiseai flowise
References
Metrics cvssV3_1

{'score': 7.7, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N'}

cvssV4_0

{'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N'}

Subscriptions

Flowiseai Flowise
cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-06-22T21:04:45.465Z

Reserved: 2026-06-20T01:47:54.000Z

Link: CVE-2026-56268

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-23T01:45:03Z

Weaknesses