Critical Flaws Expose Systems to Cyber Attacks
Flowise Platform Exposes Critical Vulnerability to Remote Code Execution
In a concerning development, vulnerability intelligence firm VulnCheck has warned that threat actors have begun exploiting a critical vulnerability in Flowise, an open-source development platform used to build customized LLM flows and autonomous agents.
The Flaw: CVE-2025-59528
The flaw, tracked as CVE-2025-59528, carries a CVSS score of 10 and allows attackers to execute arbitrary code remotely because user-supplied JavaScript code is not properly validated in a function that handles the configuration settings used to connect to an external MCP.
According to Flowise, only an API token is required for successful exploitation, which poses an extreme security risk to business continuity and customer data.
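As an added illustration (not Flowise's code and not the actual vulnerable function), the pattern the advisory describes: a config handler that evaluates caller-supplied text as JavaScript, next to a hardened version that parses strict JSON and allowlists the fields an MCP connection needs. The field names, the inputs and the helper names are assumptions constructed for this example.

```javascript
// Hypothetical MCP connection config, assumed shape: { command, args[], env{} } or { url }.

// Risky pattern: treat the config text as JavaScript so that object-literal syntax
// (unquoted keys, trailing commas) "just works". Anything the caller sends is
// evaluated with the server's privileges, which is the class of bug the advisory describes.
function parseMcpConfigUnsafe(text) {
  return new Function(`return (${text});`)();
}

// Hardened pattern: strict JSON only, then validate against an allowlist of keys and
// value types. No code path ever evaluates the input.
const ALLOWED = { command: 'string', args: 'array', env: 'object', url: 'string' };

function parseMcpConfigSafe(text) {
  let obj;
  try {
    obj = JSON.parse(text);
  } catch {
    throw new Error('MCP config must be valid JSON');
  }
  if (obj === null || typeof obj !== 'object' || Array.isArray(obj)) {
    throw new Error('MCP config must be a JSON object');
  }
  for (const [key, value] of Object.entries(obj)) {
    const expected = ALLOWED[key];
    if (!expected) throw new Error(`unexpected key: ${key}`);
    const actual = Array.isArray(value) ? 'array' : typeof value;
    if (actual !== expected) throw new Error(`bad type for ${key}`);
    if (key === 'args' && !value.every((a) => typeof a === 'string')) throw new Error('args must be strings');
    if (key === 'env' && !Object.values(value).every((v) => typeof v === 'string')) throw new Error('env values must be strings');
  }
  if (!obj.command && !obj.url) throw new Error('command or url is required');
  return obj;
}

// Returns true when the hardened parser rejects the input (used to check behaviour).
function throwsFor(text) {
  try { parseMcpConfigSafe(text); return false; } catch { return true; }
}

// Constructed inputs: a legitimate config, and one that smuggles an expression into a
// field. The expression only sets a flag here, which is enough to show it was executed.
const GOOD = '{"command":"npx","args":["-y","some-mcp-server"],"env":{"TOKEN":"x"}}';
const SMUGGLED = '{ command: "npx", args: [(globalThis.hit = true, "ok")] }';
```

The unsafe parser accepts SMUGGLED and runs the embedded expression; the hardened parser rejects it before any evaluation, and also rejects unknown keys and configs with neither command nor url.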
Exploitation Attempts
VulnCheck has observed the first in-the-wild exploitation attempts targeting CVE-2025-59528, indicating that attackers are taking an interest in vulnerable deployments.
The firm reported that between 12,000 and 15,000 Flowise instances are publicly accessible, although it remains unclear how many are running vulnerable versions of the platform.
Mitigation Efforts
Flowise has mitigated the vulnerability by releasing a patched version of the software. The incident underscores how important regular updates and maintenance are for developers and organizations that rely on open-source platforms like Flowise.
As the use of AI-powered systems continues to grow, the potential impact of such vulnerabilities highlights the need for robust security measures and vigilant monitoring.
