CVE-2025-61913

Flowise is a drag & drop user interface to build a customized large language model flow. In versions prior to 3.0.8, WriteFileTool and ReadFileTool in Flowise do not restrict file path access, allowing authenticated attackers to exploit this vulnerability to read and write arbitrary files to any path in the file system, potentially leading to remote command execution. Flowise 3.0.8 fixes this vulnerability.

CVSS v3 9.9 CRITICAL

9.9^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.1 / Impact : 6.0

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

References

Link	Resource
https://github.com/FlowiseAI/Flowise/commit/1fb12cd93143592a18995f63b781d25b354d48a3	Patch
https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.8	Release Notes
https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-j44m-5v8f-gc9c	Exploit Vendor Advisory
https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-jv9m-vf54-chjj	Exploit Vendor Advisory
https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-j44m-5v8f-gc9c	Exploit Vendor Advisory
https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-jv9m-vf54-chjj	Exploit Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:flowiseai:flowise:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2025-10-08 23:15

Updated : 2025-10-20 15:23

NVD link : CVE-2025-61913

Mitre link : CVE-2025-61913

CVE.ORG link : CVE-2025-61913

JSON object : View

Products Affected

flowiseai

flowise

CWE

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

{"id": "CVE-2025-61913", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.9, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 3.1}, {"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.9, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 3.1}]}, "published": "2025-10-08T23:15:31.357", "references": [{"url": "https://github.com/FlowiseAI/Flowise/commit/1fb12cd93143592a18995f63b781d25b354d48a3", "tags": ["Patch"], "source": "[email protected]"}, {"url": "https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.8", "tags": ["Release Notes"], "source": "[email protected]"}, {"url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-j44m-5v8f-gc9c", "tags": ["Exploit", "Vendor Advisory"], "source": "[email protected]"}, {"url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-jv9m-vf54-chjj", "tags": ["Exploit", "Vendor Advisory"], "source": "[email protected]"}, {"url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-j44m-5v8f-gc9c", "tags": ["Exploit", "Vendor Advisory"], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}, {"url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-jv9m-vf54-chjj", "tags": ["Exploit", "Vendor Advisory"], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-22"}]}], "descriptions": [{"lang": "en", "value": "Flowise is a drag & drop user interface to build a customized large language model flow. In versions prior to 3.0.8, WriteFileTool and ReadFileTool in Flowise do not restrict file path access, allowing authenticated attackers to exploit this vulnerability to read and write arbitrary files to any path in the file system, potentially leading to remote command execution. Flowise 3.0.8 fixes this vulnerability."}], "lastModified": "2025-10-20T15:23:05.060", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:flowiseai:flowise:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EAD12981-C719-4090-884B-9C8F848B80D8", "versionEndExcluding": "3.0.8"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}