CVE-2026-41278

HIGH

Flowise: Public chatflow endpoints return unsanitized flowData including plaintext API keys, passwords, and credential IDs

Title source: cna

Description

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the GET /api/v1/public-chatflows/:id endpoint returns the full chatflow object without sanitization for public chatflows. Docker validation revealed this is worse than initially assessed: the sanitizeFlowDataForPublicEndpoint function does NOT exist in the released v3.0.13 Docker image. Both public-chatflows AND public-chatbotConfig return completely raw flowData including credential IDs, plaintext API keys, and password-type fields. This vulnerability is fixed in 3.1.0.

References (1)

[X_Refsource_Confirm] https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-w47f-j8rh-wx87

Scores

CVSS v4 8.7

EPSS 0.0004

EPSS Percentile 12.1%

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-200

Status published

Products (1)

FlowiseAI/Flowise < 3.1.0

Published Apr 23, 2026

Tracked Since Apr 24, 2026