Patch now! Attacks on low-code tool Flowise observed

Unknown attackers are currently exploiting a critical security vulnerability in Flowise that carries the highest possible severity rating. A security patch is available.


A security researcher warns of attacks on the low-code tool Flowise. Attackers are injecting malicious code into systems and compromising them. Admins should install the provided security update immediately.

Flowise is used to create AI agents in a drag-and-drop interface. When Flowise connects to an MCP server, attackers can inject malicious code that is then executed without any verification. The vulnerability (CVE-2025-59528) is classified as "critical" and is rated with the highest possible CVSS score of 10 out of 10.

A security researcher from VulnCheck warns on LinkedIn about the ongoing attacks. According to him, they have so far only been able to document attacks originating from a single Starlink IP address, and the overall extent of the attacks is currently unclear. He states that, according to their scans, between 12,000 and 15,000 Flowise instances are publicly reachable over the internet. The researcher does not currently say how many of these are actually vulnerable.

He adds that two further "critical" vulnerabilities (CVE-2025-26319, CVE-2025-8943) are being exploited as well.

To protect systems from these attacks, admins must ensure that at least Flowise 3.0.6 is installed. The current release is version 3.1.1.

(des)

This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.