npm / flowise-components

Flowise: Cypher Injection in GraphCypherQAChain

수정: 2026. 5. 5.

Flowise: SSRF Protection Bypass (TOCTOU & Default Insecure)

수정: 2026. 5. 5.

Flowise: CSV Agent Prompt Injection Remote Code Execution Vulnerability

수정: 2026. 5. 5.

Flowise: APIChain Prompt Injection SSRF in GET/POST API Chains

수정: 2026. 5. 5.

Flowise Execute Flow function has an SSRF vulnerability

수정: 2026. 4. 16.

Flowise: Code Injection in CSVAgent leads to Authenticated RCE

수정: 2026. 5. 5.

Flowise: Authenticated RCE Via MCP Adapters

수정: 2026. 4. 16.

Flowise: Parameter Override Bypass Remote Command Execution

수정: 2026. 5. 5.

Flowise: Remote code execution vulnerability in AirtableAgent.ts caused by lack of input verification when using `Pandas`.

수정: 2026. 5. 5.

Flowise affected by Server-Side Request Forgery (SSRF) in HTTP Node Leading to Internal Network Access

수정: 2026. 4. 10.

Flowise Vulnerable to SQL Injection via `tableName` Parameter

수정: 2025. 4. 10.

Flowise is vulnerable to arbitrary file exposure through its ReadFileTool

수정: 2026. 2. 4.

Flowise is vulnerable to arbitrary file write through its WriteFileTool

수정: 2026. 2. 4.

Flowise has an MCP Security Bypass that Enables RCE

수정: 2026. 5. 16.

Flowise: SSRF Protection Bypass via Direct node-fetch / axios Usage (Patch Enforcement Failure)

수정: 2026. 5. 13.

Flowise: Airtable_Agent Code Injection Remote Code Execution Vulnerability

수정: 2026. 5. 5.

Flowise: Path Traversal in Vector Store basePath

수정: 2026. 4. 16.

Flowise: SSRF Protection Bypass via Unprotected Built-in HTTP Modules in Custom Function Sandbox

수정: 2026. 5. 5.