CVE-2025-59528

This exploit leverages an authenticated RCE vulnerability in Flowise < 3.0.5 by injecting a malicious payload into the `customMCP` API endpoint, which executes arbitrary commands via Node.js `child_process.execSync`.

This repository contains a detailed technical writeup for CVE-2025-59528, focusing on a prototype pollution vulnerability in a Node.js application. It includes a step-by-step analysis of the vulnerability, exploitation steps, and patching guidance.

This repository contains a functional exploit for CVE-2025-59528, which chains an account takeover (CVE-2025-58434) with a remote code execution vulnerability in Flowise via a CustomMCP node injection. The exploit includes steps for password reset, API key retrieval, and command execution or reverse shell setup.

The repository contains a functional Python-based exploit for CVE-2025-59528, demonstrating authenticated RCE in Flowise AI <= 3.0.4 via JavaScript injection into the customMCP endpoint. The PoC includes authentication, payload delivery, and command execution using Node.js's child_process module.

This repository contains a functional Python script that exploits CVE-2025-59528, an authenticated remote code execution (RCE) vulnerability in FlowiseAI's Flowise application (versions <= 3.0.5). The exploit leverages a vulnerable endpoint to inject and execute arbitrary commands via a crafted JSON payload.

The repository contains a functional Python exploit for CVE-2025-59528, targeting Flowise's customMCP node. It leverages unsafe JavaScript evaluation via the Function constructor to achieve remote code execution (RCE) by injecting a reverse shell payload or arbitrary commands.

This repository contains a functional exploit for CVE-2025-59528, a critical RCE vulnerability in FlowiseAI's CustomMCP node. The exploit leverages the unsafe use of JavaScript's Function() constructor to execute arbitrary commands via crafted input to the mcpServerConfig parameter.

This repository contains a functional exploit chain for CVE-2025-58434 (unauthenticated account takeover via password reset token disclosure) and CVE-2025-59528 (authenticated RCE via CustomMCP node JS injection in Flowise). The Python script automates the full attack chain, including password reset, API key retrieval, and command execution or reverse shell setup.

This repository contains a functional exploit PoC for CVE-2025-59528, which chains an unauthenticated password reset token disclosure (CVE-2025-58434) with a remote code execution vulnerability in FlowiseAI. The exploit demonstrates a complete kill chain from zero credentials to a root shell inside a Docker container.

This repository contains a functional exploit PoC for CVE-2025-58434 (account takeover) and CVE-2025-59528 (RCE) in Flowise. The exploit chains both vulnerabilities to achieve unauthenticated RCE via a reverse shell payload.

This Metasploit module exploits a JavaScript injection vulnerability in Flowise's customMCP endpoint, allowing arbitrary command execution via the mcpServerConfig parameter. It supports both authenticated and unauthenticated exploitation depending on the target version.