漏洞描述
Flowise存在未授权访问漏洞,攻击者可获取到系统中存储的客户信息
Flowise API 存在未授权访问漏洞(CVE-2024-31621)
PoC代码
暂无相关漏洞推荐
- POC CVE-2025-8943: Flowise < 3.0.1 - Remote Command Execution
- Flowise /api/v1/account/forgot-password 未授权访问漏洞(CVE-2025-58434)
- Flowise /api/v1/openai-assistants-file/download 文件读取漏洞
- Flowise 任意文件读取漏洞
- FlowiseAI/Flosise SSRF漏洞
- POC CVE-2024-31621: Flowise 1.6.5 - Authentication Bypass
- POC CVE-2024-8181: Flowise <= 1.8.2 Authentication Bypass
- POC CVE-2025-26319: FlowiseAI Flowise <= 2.2.6 - Arbitrary File Upload
- POC CVE-2025-58434: Flowise <= 3.0.5 - Account Takeover
- POC CVE-2025-26319: FlowiseAI 未授权任意文件写入漏洞
- POC flowise-installer: Flowise Installation Wizard - Exposure