CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-41269

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the Chatflow configuration file upload settings can be modified to allow the application/javascript MIME type. This lets an attacker upload .js files even though the frontend doesn’t normally allow JavaScript uploads. This enables attackers to persistently store malicious Node.js web shells on the server, potentially leading to Remote Code Execution (RCE). This vulnerability is fixed in 3.1.0.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 18.9%

CVSS Severity

CVSS v3 Score 7.1

References

Products affected by CVE-2026-41269

Flowiseai » Flowise » Version: N/A

cpe:2.3:a:flowiseai:flowise:-
Flowiseai » Flowise » Version: 1.0.0

cpe:2.3:a:flowiseai:flowise:1.0.0
Flowiseai » Flowise » Version: 1.0.1

cpe:2.3:a:flowiseai:flowise:1.0.1
Flowiseai » Flowise » Version: 1.1.0

cpe:2.3:a:flowiseai:flowise:1.1.0
Flowiseai » Flowise » Version: 1.1.1

cpe:2.3:a:flowiseai:flowise:1.1.1
Flowiseai » Flowise » Version: 1.2.1

cpe:2.3:a:flowiseai:flowise:1.2.1
Flowiseai » Flowise » Version: 1.2.10

cpe:2.3:a:flowiseai:flowise:1.2.10
Flowiseai » Flowise » Version: 1.2.11

cpe:2.3:a:flowiseai:flowise:1.2.11
Flowiseai » Flowise » Version: 1.2.12

cpe:2.3:a:flowiseai:flowise:1.2.12
Flowiseai » Flowise » Version: 1.2.13

cpe:2.3:a:flowiseai:flowise:1.2.13
Flowiseai » Flowise » Version: 1.2.14

cpe:2.3:a:flowiseai:flowise:1.2.14
Flowiseai » Flowise » Version: 1.2.15

cpe:2.3:a:flowiseai:flowise:1.2.15
Flowiseai » Flowise » Version: 1.2.16

cpe:2.3:a:flowiseai:flowise:1.2.16
Flowiseai » Flowise » Version: 1.2.2

cpe:2.3:a:flowiseai:flowise:1.2.2
Flowiseai » Flowise » Version: 1.2.3

cpe:2.3:a:flowiseai:flowise:1.2.3
Flowiseai » Flowise » Version: 1.2.4

cpe:2.3:a:flowiseai:flowise:1.2.4
Flowiseai » Flowise » Version: 1.2.5

cpe:2.3:a:flowiseai:flowise:1.2.5
Flowiseai » Flowise » Version: 1.2.6

cpe:2.3:a:flowiseai:flowise:1.2.6
Flowiseai » Flowise » Version: 1.2.7

cpe:2.3:a:flowiseai:flowise:1.2.7
Flowiseai » Flowise » Version: 1.2.8

cpe:2.3:a:flowiseai:flowise:1.2.8
Flowiseai » Flowise » Version: 1.2.9

cpe:2.3:a:flowiseai:flowise:1.2.9
Flowiseai » Flowise » Version: 1.3.0

cpe:2.3:a:flowiseai:flowise:1.3.0
Flowiseai » Flowise » Version: 1.3.1

cpe:2.3:a:flowiseai:flowise:1.3.1
Flowiseai » Flowise » Version: 1.3.2

cpe:2.3:a:flowiseai:flowise:1.3.2
Flowiseai » Flowise » Version: 1.3.3

cpe:2.3:a:flowiseai:flowise:1.3.3
Flowiseai » Flowise » Version: 1.3.4

cpe:2.3:a:flowiseai:flowise:1.3.4
Flowiseai » Flowise » Version: 1.3.5

cpe:2.3:a:flowiseai:flowise:1.3.5
Flowiseai » Flowise » Version: 1.3.6

cpe:2.3:a:flowiseai:flowise:1.3.6
Flowiseai » Flowise » Version: 1.3.7

cpe:2.3:a:flowiseai:flowise:1.3.7
Flowiseai » Flowise » Version: 1.3.8

cpe:2.3:a:flowiseai:flowise:1.3.8
Flowiseai » Flowise » Version: 1.3.9

cpe:2.3:a:flowiseai:flowise:1.3.9
Flowiseai » Flowise » Version: 1.4.0

cpe:2.3:a:flowiseai:flowise:1.4.0
Flowiseai » Flowise » Version: 1.4.1

cpe:2.3:a:flowiseai:flowise:1.4.1
Flowiseai » Flowise » Version: 1.4.10

cpe:2.3:a:flowiseai:flowise:1.4.10
Flowiseai » Flowise » Version: 1.4.11

cpe:2.3:a:flowiseai:flowise:1.4.11
Flowiseai » Flowise » Version: 1.4.12

cpe:2.3:a:flowiseai:flowise:1.4.12
Flowiseai » Flowise » Version: 1.4.2

cpe:2.3:a:flowiseai:flowise:1.4.2
Flowiseai » Flowise » Version: 1.4.3

cpe:2.3:a:flowiseai:flowise:1.4.3
Flowiseai » Flowise » Version: 1.4.4

cpe:2.3:a:flowiseai:flowise:1.4.4
Flowiseai » Flowise » Version: 1.4.5

cpe:2.3:a:flowiseai:flowise:1.4.5
Flowiseai » Flowise » Version: 1.4.6

cpe:2.3:a:flowiseai:flowise:1.4.6
Flowiseai » Flowise » Version: 1.4.7

cpe:2.3:a:flowiseai:flowise:1.4.7
Flowiseai » Flowise » Version: 1.4.8

cpe:2.3:a:flowiseai:flowise:1.4.8
Flowiseai » Flowise » Version: 1.4.9

cpe:2.3:a:flowiseai:flowise:1.4.9
Flowiseai » Flowise » Version: 1.5.0

cpe:2.3:a:flowiseai:flowise:1.5.0
Flowiseai » Flowise » Version: 1.5.1

cpe:2.3:a:flowiseai:flowise:1.5.1
Flowiseai » Flowise » Version: 1.6.0

cpe:2.3:a:flowiseai:flowise:1.6.0
Flowiseai » Flowise » Version: 1.6.1

cpe:2.3:a:flowiseai:flowise:1.6.1
Flowiseai » Flowise » Version: 1.6.2

cpe:2.3:a:flowiseai:flowise:1.6.2
Flowiseai » Flowise » Version: 1.6.3

cpe:2.3:a:flowiseai:flowise:1.6.3
Flowiseai » Flowise » Version: 1.6.4

cpe:2.3:a:flowiseai:flowise:1.6.4
Flowiseai » Flowise » Version: 1.6.5

cpe:2.3:a:flowiseai:flowise:1.6.5
Flowiseai » Flowise » Version: 1.6.6

cpe:2.3:a:flowiseai:flowise:1.6.6
Flowiseai » Flowise » Version: 1.7.0

cpe:2.3:a:flowiseai:flowise:1.7.0
Flowiseai » Flowise » Version: 1.7.1

cpe:2.3:a:flowiseai:flowise:1.7.1
Flowiseai » Flowise » Version: 1.7.2

cpe:2.3:a:flowiseai:flowise:1.7.2
Flowiseai » Flowise » Version: 1.8.0

cpe:2.3:a:flowiseai:flowise:1.8.0
Flowiseai » Flowise » Version: 1.8.1

cpe:2.3:a:flowiseai:flowise:1.8.1
Flowiseai » Flowise » Version: 1.8.2

cpe:2.3:a:flowiseai:flowise:1.8.2
Flowiseai » Flowise » Version: 1.8.3

cpe:2.3:a:flowiseai:flowise:1.8.3
Flowiseai » Flowise » Version: 1.8.4

cpe:2.3:a:flowiseai:flowise:1.8.4
Flowiseai » Flowise » Version: 2.0.0

cpe:2.3:a:flowiseai:flowise:2.0.0
Flowiseai » Flowise » Version: 2.0.1

cpe:2.3:a:flowiseai:flowise:2.0.1
Flowiseai » Flowise » Version: 2.0.2

cpe:2.3:a:flowiseai:flowise:2.0.2
Flowiseai » Flowise » Version: 2.0.3

cpe:2.3:a:flowiseai:flowise:2.0.3
Flowiseai » Flowise » Version: 2.0.4

cpe:2.3:a:flowiseai:flowise:2.0.4
Flowiseai » Flowise » Version: 2.0.5

cpe:2.3:a:flowiseai:flowise:2.0.5
Flowiseai » Flowise » Version: 2.0.6

cpe:2.3:a:flowiseai:flowise:2.0.6
Flowiseai » Flowise » Version: 2.0.7

cpe:2.3:a:flowiseai:flowise:2.0.7
Flowiseai » Flowise » Version: 2.1.0

cpe:2.3:a:flowiseai:flowise:2.1.0
Flowiseai » Flowise » Version: 2.1.1

cpe:2.3:a:flowiseai:flowise:2.1.1
Flowiseai » Flowise » Version: 2.1.2

cpe:2.3:a:flowiseai:flowise:2.1.2
Flowiseai » Flowise » Version: 2.1.3

cpe:2.3:a:flowiseai:flowise:2.1.3
Flowiseai » Flowise » Version: 2.1.4

cpe:2.3:a:flowiseai:flowise:2.1.4
Flowiseai » Flowise » Version: 2.1.5

cpe:2.3:a:flowiseai:flowise:2.1.5
Flowiseai » Flowise » Version: 2.2.0

cpe:2.3:a:flowiseai:flowise:2.2.0
Flowiseai » Flowise » Version: 2.2.1

cpe:2.3:a:flowiseai:flowise:2.2.1
Flowiseai » Flowise » Version: 2.2.2

cpe:2.3:a:flowiseai:flowise:2.2.2
Flowiseai » Flowise » Version: 2.2.3

cpe:2.3:a:flowiseai:flowise:2.2.3
Flowiseai » Flowise » Version: 2.2.4

cpe:2.3:a:flowiseai:flowise:2.2.4
Flowiseai » Flowise » Version: 2.2.5

cpe:2.3:a:flowiseai:flowise:2.2.5
Flowiseai » Flowise » Version: 2.2.6

cpe:2.3:a:flowiseai:flowise:2.2.6
Flowiseai » Flowise » Version: 2.2.7

cpe:2.3:a:flowiseai:flowise:2.2.7
Flowiseai » Flowise » Version: 2.2.8

cpe:2.3:a:flowiseai:flowise:2.2.8
Flowiseai » Flowise » Version: 3.0.0

cpe:2.3:a:flowiseai:flowise:3.0.0
Flowiseai » Flowise » Version: 3.0.1

cpe:2.3:a:flowiseai:flowise:3.0.1
Flowiseai » Flowise » Version: 3.0.10

cpe:2.3:a:flowiseai:flowise:3.0.10
Flowiseai » Flowise » Version: 3.0.11

cpe:2.3:a:flowiseai:flowise:3.0.11
Flowiseai » Flowise » Version: 3.0.12

cpe:2.3:a:flowiseai:flowise:3.0.12
Flowiseai » Flowise » Version: 3.0.13

cpe:2.3:a:flowiseai:flowise:3.0.13
Flowiseai » Flowise » Version: 3.0.2

cpe:2.3:a:flowiseai:flowise:3.0.2
Flowiseai » Flowise » Version: 3.0.3

cpe:2.3:a:flowiseai:flowise:3.0.3
Flowiseai » Flowise » Version: 3.0.4

cpe:2.3:a:flowiseai:flowise:3.0.4
Flowiseai » Flowise » Version: 3.0.5

cpe:2.3:a:flowiseai:flowise:3.0.5
Flowiseai » Flowise » Version: 3.0.6

cpe:2.3:a:flowiseai:flowise:3.0.6
Flowiseai » Flowise » Version: 3.0.7

cpe:2.3:a:flowiseai:flowise:3.0.7
Flowiseai » Flowise » Version: 3.0.8

cpe:2.3:a:flowiseai:flowise:3.0.8
Flowiseai » Flowise » Version: 3.0.9

cpe:2.3:a:flowiseai:flowise:3.0.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-41269

Products

Pricing

Contact Us