CVE Catalog

CVE-2026-46475

HighCVSS 8.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.05%

17th percentile - higher than 17% of all known CVEs

Summary

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, assistant create and update mass-assignment allows cross-workspace assistant takeover.

Risk Assessment

Organizations may be exposed to unauthorized assistant takeover, potentially leading to data leaks or unauthorized access to resources.

Recommendation

It is recommended to upgrade to version 3.1.2 or later to mitigate this vulnerability.

Original NVD description (English source)

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, assistant create and update mass-assignment allows cross-workspace assistant takeover. This issue has been patched in version 3.1.2.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS