CVE-2025-71324
HighCVSS 7.5Exploitation Probability (EPSS)
Low risk26th percentile — higher than 26% of all known CVEs
Summary
Flowise before version 3.0.6 contains an arbitrary file read vulnerability in the chatId parameter of the /api/v1/get-upload-file and /api/v1/openai-assistants-file/download endpoints. The chatId value is not validated and is passed to streamStorageFile(), where a fallback file-lookup path constructed without the orgId is evaluated after the storage-directory containment check, allowing path traversal beyond the intended storage directory. Unauthenticated attackers can read sensitive files such as /root/.flowise/database.sqlite, exposing all database content in the default configuration.
Risk Assessment
The risk for the organization is critical because an unauthenticated attacker can access sensitive data stored in the Flowise database, potentially including passwords, tokens, and other secrets, which could lead to full system compromise.
Recommendation
Immediately upgrade Flowise to version 3.0.6 or later, which includes a fix for this vulnerability. Additionally, restrict access to the API endpoints using a firewall or authentication.
Original NVD description (English source)
Flowise before 3.0.6 contains an arbitrary file read vulnerability in the chatId parameter of the /api/v1/get-upload-file and /api/v1/openai-assistants-file/download endpoints. The chatId value is not validated and is passed to streamStorageFile(), where a fallback file-lookup path constructed without the orgId is evaluated after the storage-directory containment check, allowing path traversal beyond the intended storage directory. Unauthenticated attackers can read sensitive files such as /root/.flowise/database.sqlite, exposing all database content in the default configuration.

