CVE-2025-61913: 
JavaScript vulnerability analysis and mitigation

Flowise, a drag & drop user interface for building customized large language model flows, contains a critical vulnerability (CVE-2025-61913) in versions prior to 3.0.8. The vulnerability affects both WriteFileTool and ReadFileTool components, which fail to restrict file path access. This security flaw was discovered by the XlabAI Team of Tencent Xuanwu Lab and was disclosed on October 8, 2025 (NVD, GitHub Advisory).

The vulnerability stems from improper input validation in the WriteFileTool and ReadFileTool components. These tools directly use the file_path parameter without verifying whether the path belongs to Flowise's working directory. The issue is classified as CWE-22 (Path Traversal) and has received a CVSS v3.1 score of 9.9 (Critical), with the vector string CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H. The vulnerable code resides in packages/components/nodes/tools/WriteFile/WriteFile.ts and ReadFile/ReadFile.ts (GitHub Advisory).

The vulnerability allows authenticated attackers to read and write arbitrary files to any path in the file system. In a Docker environment, attackers could access sensitive files like /root/.flowise/encryption.key and /root/.flowise/database.sqlite. In non-Docker deployments, attackers could read critical system files such as /etc/passwd, /etc/shadow, and /root/.ssh/id_rsa. This access could ultimately lead to remote command execution (Security Online).

The vulnerability has been patched in Flowise version 3.0.8. The fix introduces a new SecureFileStore class that enforces security policies by restricting file operations to a defined workspace directory, validating file paths to prevent path traversal, and checking for allowed file extensions and file sizes. Administrators are strongly advised to upgrade immediately to version 3.0.8 (NVD).