A critical vulnerability in Flowise, tracked as CVE-2025-59528, is being actively exploited to achieve remote code execution and gain access to the file system. The flaw carries a CVSS score of 10 and arises from inadequate validation of user-supplied JavaScript in a configuration function, which allows malicious code to run and the system to be compromised. Flowise is an open-source platform used for building and managing customized large language models. Attackers can leverage the vulnerability to gain full control over affected systems, so prompt mitigation is needed. The exploitation of CVE-2025-59528 expands the active attack surface, making it essential for organizations to prioritize their response based on exposure and evidence of exploitation. The vulnerability poses a significant threat to organizations using Flowise, and addressing it is crucial to prevent potential breaches.
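The bug class described above, a configuration string that is evaluated as JavaScript instead of being parsed as data, shown beside a hardened parser. This is an added illustration and not Flowise's code; the function names, the `endpoint` and `timeoutMs` fields, and the sample inputs are assumptions constructed for the example.

```javascript
'use strict';

// Constructed sample inputs (not from any real deployment).
const DATA_CONFIG = '{"endpoint": "https://tools.example.internal", "timeoutMs": 3000}';
// Harmless marker expression standing in for user-supplied JavaScript.
const SCRIPT_CONFIG = '(globalThis.__evaluated = true, {endpoint: "x", timeoutMs: 1})';

// Weak pattern (hypothetical loader): the string is compiled and run as code,
// so any expression inside it executes with the server process's privileges.
function parseConfigUnsafe(input) {
  return Function('"use strict"; return (' + input + ');')();
}

// Hardened pattern: configuration is data only, with an explicit schema.
const ALLOWED_KEYS = new Set(['endpoint', 'timeoutMs']);

function parseConfigSafe(input) {
  let cfg;
  try {
    cfg = JSON.parse(input); // JSON.parse never executes code
  } catch (err) {
    throw new Error('config is not valid JSON');
  }
  if (cfg === null || typeof cfg !== 'object' || Array.isArray(cfg)) {
    throw new Error('config must be a JSON object');
  }
  for (const key of Object.keys(cfg)) {
    if (!ALLOWED_KEYS.has(key)) throw new Error('unexpected key: ' + key);
  }
  if (typeof cfg.endpoint !== 'string' || !cfg.endpoint.startsWith('https://')) {
    throw new Error('endpoint must be an https URL string');
  }
  if (!Number.isInteger(cfg.timeoutMs) || cfg.timeoutMs < 1 || cfg.timeoutMs > 60000) {
    throw new Error('timeoutMs must be an integer from 1 to 60000');
  }
  // Copy only the validated fields into a fresh object.
  return { endpoint: cfg.endpoint, timeoutMs: cfg.timeoutMs };
}

// Returns true if the parser accepts the input, false if it rejects it.
function accepts(parser, input) {
  try { parser(input); return true; } catch (err) { return false; }
}

console.log('safe parser, data config:    ', accepts(parseConfigSafe, DATA_CONFIG));
console.log('safe parser, script config:  ', accepts(parseConfigSafe, SCRIPT_CONFIG));
console.log('unsafe parser, script config:', accepts(parseConfigUnsafe, SCRIPT_CONFIG));
```

The evaluating loader accepts both inputs and runs the second one, while the strict parser accepts only the data form and rejects unknown keys and out-of-range values.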