CVE-2025-26319: 
JavaScript vulnerability analysis and mitigation

FlowiseAI Flowise v2.2.6 contains an arbitrary file upload vulnerability in the /api/v1/attachments endpoint. The vulnerability was discovered in March 2025 and affects the Flowise open-source platform, which is widely used for building AI agents with over 35,000 GitHub stars and more than a million Docker pulls (Security Online).

The vulnerability exists in the knowledge upload feature's /api/v1/attachments route, which handles attachment uploads. The API endpoint lacks proper validation of user-supplied parameters, allowing attackers to manipulate these parameters and bypass security checks. The vulnerability has been assigned a critical CVSS v3.1 score of 9.8 (CRITICAL) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, indicating high severity across confidentiality, integrity, and availability impacts (NVD).

The vulnerability allows attackers to upload malicious files, including scripts, configuration files, and SSH keys, potentially leading to remote code execution and complete server compromise. Attackers can perform path traversal and overwrite critical files on the server, enabling them to modify API keys, execute arbitrary code, and gain unauthorized access to sensitive data (Security Online).

As no official patch has been released by the Flowise team, users are advised to either apply the community-provided patch or change their storage type to S3 to mitigate the risk (Security Online).

The vulnerability has raised significant concern due to Flowise's widespread adoption across small and medium-sized businesses (SMBs) and large enterprises. The security community has noted the critical nature of the vulnerability, particularly given the platform's popularity with over 35,000 GitHub stars and more than a million Docker pulls (Security Online).