CVE-2025-8943

CRITICAL EXPLOITED NUCLEI

Flowise < 3.0.1 - Missing Authorization

Title source: rule

Description

The Custom MCPs feature is designed to execute OS commands, for instance, using tools like `npx` to spin up local MCP Servers. However, Flowise's inherent authentication and authorization model is minimal and lacks role-based access controls (RBAC). Furthermore, in Flowise versions before 3.0.1 the default installation operates without authentication unless explicitly configured. This combination allows unauthenticated network attackers to execute unsandboxed OS commands.

Exploits (1)

metasploit WORKING POC EXCELLENT

by Assaf Levkovich · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/flowise_custommcp_rce.rb

View Code ZIP pw:eip

Nuclei Templates (1)

Flowise < 3.0.1 - Remote Command Execution

CRITICALVERIFIEDby zezezez

Shodan: http.title:"Flowise"

References (1)

[Exploit, Third Party Advisory] https://research.jfrog.com/vulnerabilities/flowise-os-command-remote-code-execution-jfsa-2025-001380578/

Scores

CVSS v3 9.8

EPSS 0.8469

EPSS Percentile 99.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2025-11-27

CWE

CWE-862 CWE-306

Status published

Products (2)

flowiseai/flowise < 3.0.1

npm/flowise 0npm

Published Aug 14, 2025

Tracked Since Feb 18, 2026