CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-56268

Flowise before 3.1.2 contains an information disclosure vulnerability in the /api/v1/chatflows/apikey/:apikey endpoint. When the keyonly query parameter is omitted (the default), the endpoint returns not only the chatflows bound to the supplied API key but also all chatflows across every workspace that have no API key assigned, because the underlying query lacks any workspace filter. An attacker with a valid API key for one workspace can therefore retrieve the full ChatFlow configuration (including flowData with system prompts and node configurations, chatbotConfig, apiConfig, and credential IDs) of unprotected chatflows belonging to other workspaces.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 17.5%

CVSS Severity

CVSS v3 Score 7.7

References

Products affected by CVE-2026-56268

Flowiseai » Flowise » Version: N/A

cpe:2.3:a:flowiseai:flowise:-
Flowiseai » Flowise » Version: 1.0.0

cpe:2.3:a:flowiseai:flowise:1.0.0
Flowiseai » Flowise » Version: 1.0.1

cpe:2.3:a:flowiseai:flowise:1.0.1
Flowiseai » Flowise » Version: 1.1.0

cpe:2.3:a:flowiseai:flowise:1.1.0
Flowiseai » Flowise » Version: 1.1.1

cpe:2.3:a:flowiseai:flowise:1.1.1
Flowiseai » Flowise » Version: 1.2.1

cpe:2.3:a:flowiseai:flowise:1.2.1
Flowiseai » Flowise » Version: 1.2.10

cpe:2.3:a:flowiseai:flowise:1.2.10
Flowiseai » Flowise » Version: 1.2.11

cpe:2.3:a:flowiseai:flowise:1.2.11
Flowiseai » Flowise » Version: 1.2.12

cpe:2.3:a:flowiseai:flowise:1.2.12
Flowiseai » Flowise » Version: 1.2.13

cpe:2.3:a:flowiseai:flowise:1.2.13
Flowiseai » Flowise » Version: 1.2.14

cpe:2.3:a:flowiseai:flowise:1.2.14
Flowiseai » Flowise » Version: 1.2.15

cpe:2.3:a:flowiseai:flowise:1.2.15
Flowiseai » Flowise » Version: 1.2.16

cpe:2.3:a:flowiseai:flowise:1.2.16
Flowiseai » Flowise » Version: 1.2.2

cpe:2.3:a:flowiseai:flowise:1.2.2
Flowiseai » Flowise » Version: 1.2.3

cpe:2.3:a:flowiseai:flowise:1.2.3
Flowiseai » Flowise » Version: 1.2.4

cpe:2.3:a:flowiseai:flowise:1.2.4
Flowiseai » Flowise » Version: 1.2.5

cpe:2.3:a:flowiseai:flowise:1.2.5
Flowiseai » Flowise » Version: 1.2.6

cpe:2.3:a:flowiseai:flowise:1.2.6
Flowiseai » Flowise » Version: 1.2.7

cpe:2.3:a:flowiseai:flowise:1.2.7
Flowiseai » Flowise » Version: 1.2.8

cpe:2.3:a:flowiseai:flowise:1.2.8
Flowiseai » Flowise » Version: 1.2.9

cpe:2.3:a:flowiseai:flowise:1.2.9
Flowiseai » Flowise » Version: 1.3.0

cpe:2.3:a:flowiseai:flowise:1.3.0
Flowiseai » Flowise » Version: 1.3.1

cpe:2.3:a:flowiseai:flowise:1.3.1
Flowiseai » Flowise » Version: 1.3.2

cpe:2.3:a:flowiseai:flowise:1.3.2
Flowiseai » Flowise » Version: 1.3.3

cpe:2.3:a:flowiseai:flowise:1.3.3
Flowiseai » Flowise » Version: 1.3.4

cpe:2.3:a:flowiseai:flowise:1.3.4
Flowiseai » Flowise » Version: 1.3.5

cpe:2.3:a:flowiseai:flowise:1.3.5
Flowiseai » Flowise » Version: 1.3.6

cpe:2.3:a:flowiseai:flowise:1.3.6
Flowiseai » Flowise » Version: 1.3.7

cpe:2.3:a:flowiseai:flowise:1.3.7
Flowiseai » Flowise » Version: 1.3.8

cpe:2.3:a:flowiseai:flowise:1.3.8
Flowiseai » Flowise » Version: 1.3.9

cpe:2.3:a:flowiseai:flowise:1.3.9
Flowiseai » Flowise » Version: 1.4.0

cpe:2.3:a:flowiseai:flowise:1.4.0
Flowiseai » Flowise » Version: 1.4.1

cpe:2.3:a:flowiseai:flowise:1.4.1
Flowiseai » Flowise » Version: 1.4.10

cpe:2.3:a:flowiseai:flowise:1.4.10
Flowiseai » Flowise » Version: 1.4.11

cpe:2.3:a:flowiseai:flowise:1.4.11
Flowiseai » Flowise » Version: 1.4.12

cpe:2.3:a:flowiseai:flowise:1.4.12
Flowiseai » Flowise » Version: 1.4.2

cpe:2.3:a:flowiseai:flowise:1.4.2
Flowiseai » Flowise » Version: 1.4.3

cpe:2.3:a:flowiseai:flowise:1.4.3
Flowiseai » Flowise » Version: 1.4.4

cpe:2.3:a:flowiseai:flowise:1.4.4
Flowiseai » Flowise » Version: 1.4.5

cpe:2.3:a:flowiseai:flowise:1.4.5
Flowiseai » Flowise » Version: 1.4.6

cpe:2.3:a:flowiseai:flowise:1.4.6
Flowiseai » Flowise » Version: 1.4.7

cpe:2.3:a:flowiseai:flowise:1.4.7
Flowiseai » Flowise » Version: 1.4.8

cpe:2.3:a:flowiseai:flowise:1.4.8
Flowiseai » Flowise » Version: 1.4.9

cpe:2.3:a:flowiseai:flowise:1.4.9
Flowiseai » Flowise » Version: 1.5.0

cpe:2.3:a:flowiseai:flowise:1.5.0
Flowiseai » Flowise » Version: 1.5.1

cpe:2.3:a:flowiseai:flowise:1.5.1
Flowiseai » Flowise » Version: 1.6.0

cpe:2.3:a:flowiseai:flowise:1.6.0
Flowiseai » Flowise » Version: 1.6.1

cpe:2.3:a:flowiseai:flowise:1.6.1
Flowiseai » Flowise » Version: 1.6.2

cpe:2.3:a:flowiseai:flowise:1.6.2
Flowiseai » Flowise » Version: 1.6.3

cpe:2.3:a:flowiseai:flowise:1.6.3
Flowiseai » Flowise » Version: 1.6.4

cpe:2.3:a:flowiseai:flowise:1.6.4
Flowiseai » Flowise » Version: 1.6.5

cpe:2.3:a:flowiseai:flowise:1.6.5
Flowiseai » Flowise » Version: 1.6.6

cpe:2.3:a:flowiseai:flowise:1.6.6
Flowiseai » Flowise » Version: 1.7.0

cpe:2.3:a:flowiseai:flowise:1.7.0
Flowiseai » Flowise » Version: 1.7.1

cpe:2.3:a:flowiseai:flowise:1.7.1
Flowiseai » Flowise » Version: 1.7.2

cpe:2.3:a:flowiseai:flowise:1.7.2
Flowiseai » Flowise » Version: 1.8.0

cpe:2.3:a:flowiseai:flowise:1.8.0
Flowiseai » Flowise » Version: 1.8.1

cpe:2.3:a:flowiseai:flowise:1.8.1
Flowiseai » Flowise » Version: 1.8.2

cpe:2.3:a:flowiseai:flowise:1.8.2
Flowiseai » Flowise » Version: 1.8.3

cpe:2.3:a:flowiseai:flowise:1.8.3
Flowiseai » Flowise » Version: 1.8.4

cpe:2.3:a:flowiseai:flowise:1.8.4
Flowiseai » Flowise » Version: 2.0.0

cpe:2.3:a:flowiseai:flowise:2.0.0
Flowiseai » Flowise » Version: 2.0.1

cpe:2.3:a:flowiseai:flowise:2.0.1
Flowiseai » Flowise » Version: 2.0.2

cpe:2.3:a:flowiseai:flowise:2.0.2
Flowiseai » Flowise » Version: 2.0.3

cpe:2.3:a:flowiseai:flowise:2.0.3
Flowiseai » Flowise » Version: 2.0.4

cpe:2.3:a:flowiseai:flowise:2.0.4
Flowiseai » Flowise » Version: 2.0.5

cpe:2.3:a:flowiseai:flowise:2.0.5
Flowiseai » Flowise » Version: 2.0.6

cpe:2.3:a:flowiseai:flowise:2.0.6
Flowiseai » Flowise » Version: 2.0.7

cpe:2.3:a:flowiseai:flowise:2.0.7
Flowiseai » Flowise » Version: 2.1.0

cpe:2.3:a:flowiseai:flowise:2.1.0
Flowiseai » Flowise » Version: 2.1.1

cpe:2.3:a:flowiseai:flowise:2.1.1
Flowiseai » Flowise » Version: 2.1.2

cpe:2.3:a:flowiseai:flowise:2.1.2
Flowiseai » Flowise » Version: 2.1.3

cpe:2.3:a:flowiseai:flowise:2.1.3
Flowiseai » Flowise » Version: 2.1.4

cpe:2.3:a:flowiseai:flowise:2.1.4
Flowiseai » Flowise » Version: 2.1.5

cpe:2.3:a:flowiseai:flowise:2.1.5
Flowiseai » Flowise » Version: 2.2.0

cpe:2.3:a:flowiseai:flowise:2.2.0
Flowiseai » Flowise » Version: 2.2.1

cpe:2.3:a:flowiseai:flowise:2.2.1
Flowiseai » Flowise » Version: 2.2.2

cpe:2.3:a:flowiseai:flowise:2.2.2
Flowiseai » Flowise » Version: 2.2.3

cpe:2.3:a:flowiseai:flowise:2.2.3
Flowiseai » Flowise » Version: 2.2.4

cpe:2.3:a:flowiseai:flowise:2.2.4
Flowiseai » Flowise » Version: 2.2.5

cpe:2.3:a:flowiseai:flowise:2.2.5
Flowiseai » Flowise » Version: 2.2.6

cpe:2.3:a:flowiseai:flowise:2.2.6
Flowiseai » Flowise » Version: 2.2.7

cpe:2.3:a:flowiseai:flowise:2.2.7
Flowiseai » Flowise » Version: 2.2.8

cpe:2.3:a:flowiseai:flowise:2.2.8
Flowiseai » Flowise » Version: 3.0.0

cpe:2.3:a:flowiseai:flowise:3.0.0
Flowiseai » Flowise » Version: 3.0.1

cpe:2.3:a:flowiseai:flowise:3.0.1
Flowiseai » Flowise » Version: 3.0.10

cpe:2.3:a:flowiseai:flowise:3.0.10
Flowiseai » Flowise » Version: 3.0.11

cpe:2.3:a:flowiseai:flowise:3.0.11
Flowiseai » Flowise » Version: 3.0.12

cpe:2.3:a:flowiseai:flowise:3.0.12
Flowiseai » Flowise » Version: 3.0.13

cpe:2.3:a:flowiseai:flowise:3.0.13
Flowiseai » Flowise » Version: 3.0.2

cpe:2.3:a:flowiseai:flowise:3.0.2
Flowiseai » Flowise » Version: 3.0.3

cpe:2.3:a:flowiseai:flowise:3.0.3
Flowiseai » Flowise » Version: 3.0.4

cpe:2.3:a:flowiseai:flowise:3.0.4
Flowiseai » Flowise » Version: 3.0.5

cpe:2.3:a:flowiseai:flowise:3.0.5
Flowiseai » Flowise » Version: 3.0.6

cpe:2.3:a:flowiseai:flowise:3.0.6
Flowiseai » Flowise » Version: 3.0.7

cpe:2.3:a:flowiseai:flowise:3.0.7
Flowiseai » Flowise » Version: 3.0.8

cpe:2.3:a:flowiseai:flowise:3.0.8
Flowiseai » Flowise » Version: 3.0.9

cpe:2.3:a:flowiseai:flowise:3.0.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-56268

Products

Pricing

Contact Us