CVE-2025-34267: 
Flowise vulnerability analysis and mitigation

Flowise v3.0.1 < 3.0.8 and all versions after with 'ALLOWBUILTINDEP' enabled contain an authenticated remote code execution vulnerability and node VM sandbox escape due to insecure use of integrated modules (Puppeteer and Playwright) within the nodevm execution environment. The vulnerability was discovered and disclosed on October 14, 2025, affecting Flowise installations with specific version constraints and configuration settings (VulnCheck Advisory, Flowise Advisory).

The vulnerability exists in the executeJavaScriptCode function located in packages/components/src/utils.ts. The function concatenates availableDependencies (which includes Puppeteer and Playwright) with externalDeps without proper restrictions. The vulnerability has a CVSS v4.0 score of 8.4 HIGH with vector CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:L/SC:H/SI:H/SA:L, and is classified as CWE-77 (Improper Neutralization of Special Elements used in a Command) (VulnCheck Advisory).

An authenticated attacker able to create or run a tool that leverages Puppeteer/Playwright can specify attacker-controlled browser binary paths and parameters. When the tool executes, the attacker-controlled executable/parameters are run on the host and circumvent the intended nodevm sandbox restrictions, resulting in execution of arbitrary code in the context of the host (VulnCheck Advisory).

The vulnerability has been patched in version 3.0.8. The fix introduces a check for the ALLOWBUILTINDEP environment variable, which is false by default. When this variable is not explicitly set to true, the availableDependencies are not loaded, effectively preventing the vulnerability (Flowise Pull Request).