CVE-2026-46478
HighCVSS 8.8Exploitation Probability (EPSS)
Low risk20th percentile - higher than 20% of all known CVEs
Summary
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, DatasetRow create and update mass-assignment allows cross-workspace row takeover.
Risk Assessment
Organizations may be exposed to unauthorized access to data across different workspaces, potentially leading to data leakage or manipulation.
Recommendation
It is recommended to upgrade to version 3.1.2 or later to mitigate this vulnerability.
Original NVD description (English source)
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, DatasetRow create and update mass-assignment allows cross-workspace row takeover. This issue has been patched in version 3.1.2.

