GHSA-q67q-549q-p849: 
Flowise vulnerability analysis and mitigation

A critical security vulnerability (GHSA-q67q-549q-p849) was discovered in Flowise versions <= 2.2.8, affecting the chat flow ID validation mechanism. The vulnerability was published on September 13, 2025, and patched in version 3.0.6. The issue stems from missing validation of chatflowId and chatId parameters, which could allow attackers to access arbitrary files on the system (GitHub Advisory).

The vulnerability exists in two main cases: First, when creating new chatflows via /api/v1/chatflows endpoint, the addBase64FilesToStorage function processes base64 file data without proper chatflowid validation from the request body. Second, when downloading files through /api/v1/openai-assistants-file/download or /api/v1/get-upload-file endpoints, the streamStorageFile function uses unvalidated chatflowId and chatId for file path generation. The vulnerability received a CVSS v3.1 score of 9.8 (Critical) with vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, indicating network attack vector, low complexity, and no required privileges or user interaction (GitHub Advisory).

The vulnerability can lead to several severe security implications including arbitrary file read/write capabilities, potential Remote Code Execution (RCE), and data loss. Since these APIs are in WHITELIST_URLS, attackers can potentially traverse user storage files without authentication (GitHub Advisory).

The vulnerability has been patched in Flowise version 3.0.6. The fix includes additional validation of chatflowId and chatId parameters, ensuring they are valid UUIDs, and implements checks for filename handling during file upload operations to prevent path traversal. Users should upgrade to version 3.0.6 or later to mitigate this vulnerability (GitHub Advisory).