{"vulnerability": "CVE-2025-59528", "sightings": [{"uuid": "6f6e1d25-a3da-4fb3-88f5-74c8c62137fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-59528", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3m6aoztvucx2a", "content": "", "creation_timestamp": "2025-11-22T21:02:33.984941Z"}, {"uuid": "8f3b8c7e-631c-41c7-afb2-5c75d63dd84b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-59528", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3m4lvabofbd2l", "content": "", "creation_timestamp": "2025-11-01T21:02:25.573494Z"}, {"uuid": "9aab11a3-7a0c-4eaf-bd69-a560cf10af61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-59528", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3lzhmmncqts2w", "content": "", "creation_timestamp": "2025-09-23T00:02:02.508069Z"}, {"uuid": "51d2ad13-6b9a-4319-bb89-017f27bf3100", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-59528", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3miu5yzvoqp2p", "content": "", "creation_timestamp": "2026-04-06T21:03:15.459003Z"}, {"uuid": "02deed1a-39ce-4871-8822-801843cc1897", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-59528", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mirnk4evhu22", "content": "", "creation_timestamp": "2026-04-05T21:03:02.946135Z"}, {"uuid": "84be76d4-3f17-4dee-b141-0e14356ebb25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-59528", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-59528.yaml", "content": "", "creation_timestamp": "2026-04-02T20:32:37.000000Z"}, {"uuid": "2d381452-fde7-436e-bb4d-66aec0568998", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-59528", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3miv57xg5fw42", "content": "", "creation_timestamp": "2026-04-07T06:21:45.778534Z"}, {"uuid": "bbc1cd47-ef24-4b8f-a430-813aa868fbf2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-59528", "type": "seen", "source": "https://bsky.app/profile/solomonneas.dev/post/3mivqaiwcuk27", "content": "", "creation_timestamp": "2026-04-07T12:02:16.180148Z"}, {"uuid": "df0e54d7-7405-4100-a36a-b73b0d49d27b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-59528", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3miv67akktm2u", "content": "", "creation_timestamp": "2026-04-07T06:39:10.868067Z"}, {"uuid": "1fff9be9-0f2f-4ad9-8458-64cb5056df2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-59528", "type": "seen", "source": "https://thehackernews.com/2026/04/flowise-ai-agent-builder-under-active.html", "content": "", "creation_timestamp": "2026-04-07T03:56:00.000000Z"}, {"uuid": "e22b5e98-cd21-4137-954d-d9c8e9bfe860", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-59528", "type": "seen", "source": "https://threatintel.cc/2026/04/07/flowise-ai-agent-builder-under.html", "content": "", "creation_timestamp": "2026-04-07T14:30:04.000000Z"}, {"uuid": "e5a41c7f-5c1d-40fe-869a-01f6bd556670", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-59528", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3miwodht35h2z", "content": "", "creation_timestamp": "2026-04-07T21:00:37.143441Z"}, {"uuid": "82b13a96-07e4-4b6e-82fc-fb18e8c7bf1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-59528", "type": "seen", "source": "https://bsky.app/profile/FunctionalProgramming.activitypub.awakari.com.ap.brid.gy/post/3miwoe3kjqaa2", "content": "", "creation_timestamp": "2026-04-07T21:01:23.737834Z"}, {"uuid": "2785afb9-29c0-463a-912c-92431dd84c75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-59528", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3miworvt36p2r", "content": "", "creation_timestamp": "2026-04-07T21:08:40.851269Z"}, {"uuid": "b8c700b0-0974-4467-87a4-8580587ff3f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-59528", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mj3zd2biqt27", "content": "", "creation_timestamp": "2026-04-10T00:00:27.702623Z"}, {"uuid": "9d9a0623-359b-4ee8-a53a-23ee9452d4e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-59528", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3mix4mg5lud22", "content": "", "creation_timestamp": "2026-04-08T01:16:05.037186Z"}, {"uuid": "801138cd-c62c-46a6-b357-4a9b396cbc10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-59528", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mixaoxbf5327", "content": "", "creation_timestamp": "2026-04-08T02:30:30.104026Z"}, {"uuid": "047085d6-35f1-4932-b3be-61e7fef4353a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-59528", "type": "seen", "source": "https://bsky.app/profile/eyalestrin.bsky.social/post/3mixulyuzbk2u", "content": "", "creation_timestamp": "2026-04-08T08:25:20.476152Z"}, {"uuid": "64b57748-e439-4bda-9477-70201f8d1c7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-59528", "type": "published-proof-of-concept", "source": "Telegram/i4Th3-qfHPrRxEPubQsx_tgczYzW3xhGs7IIz0Vj8tpPp0c", "content": "", "creation_timestamp": "2025-11-27T21:00:05.000000Z"}, {"uuid": "a6442414-f831-478a-a6f9-7efb8aaae295", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-59528", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3miyck2jsg72j", "content": "", "creation_timestamp": "2026-04-08T12:34:48.142528Z"}, {"uuid": "07c4adf0-cea5-4b3e-85b6-52c149d6ffd0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-59528", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3miydfbwlg22q", "content": "", "creation_timestamp": "2026-04-08T12:50:02.000095Z"}, {"uuid": "ea991e00-a556-47ea-b020-f1f02610b58e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-59528", "type": "seen", "source": "https://www.acn.gov.it/portale/w/flowise-rilevato-sfruttamento-in-rete-della-cve-2025-59528", "content": "", "creation_timestamp": "2026-04-08T09:51:19.000000Z"}, {"uuid": "44240ffe-3800-49a2-9b15-35da74b74a32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-59528", "type": "exploited", "source": "https://www.linkedin.com/feed/update/urn:li:activity:7446686314562850817/", "content": "", "creation_timestamp": "2026-04-06T04:00:00.000000Z"}, {"uuid": "c721b184-9705-4edd-80ab-82c0c21fd6df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-59528", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3miyjtn7dod2b", "content": "", "creation_timestamp": "2026-04-08T14:45:26.177720Z"}, {"uuid": "d0c8cb2c-efa1-440f-98c8-ba2f286a3621", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-59528", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3miyrma3vde2x", "content": "", "creation_timestamp": "2026-04-08T17:04:28.101617Z"}, {"uuid": "4aa6f16d-60cc-4366-a099-1646724b4989", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-59528", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3miywfuopu22q", "content": "", "creation_timestamp": "2026-04-08T18:30:22.600343Z"}, {"uuid": "d42b7b29-1041-4d59-975b-7b1cb20cf292", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-59528", "type": "exploited", "source": "https://t.me/xakep_ru/19230", "content": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Flowise \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0435\u0442\u0441\u044f \u0432 \u0430\u0442\u0430\u043a\u0430\u0445\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u043f\u0435\u0440\u0432\u044b\u0435 \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u0430\u0442\u0430\u043a \u043d\u0430 \u0418\u0418-\u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0443 Flowise \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2025-59528, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0438\u043d\u044a\u0435\u043a\u0446\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e JavaScript-\u043a\u043e\u0434\u0430. \u042d\u0442\u043e\u0442 \u0431\u0430\u0433 \u043f\u043e\u043b\u0443\u0447\u0438\u043b \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u0435 10 \u0431\u0430\u043b\u043b\u043e\u0432 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS, \u0438 \u043e \u043d\u0435\u043c \u0431\u044b\u043b\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u043b\u0443\u0433\u043e\u0434\u0430, \u043e\u0434\u043d\u0430\u043a\u043e \u0432 \u0441\u0435\u0442\u0438 \u043f\u043e-\u043f\u0440\u0435\u0436\u043d\u0435\u043c\u0443 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u043e\u0442 12 000 \u0434\u043e 15 000 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u043e\u0432 Flowise.\n\nhttps://xakep.ru/2026/04/10/flowise-attacks/", "creation_timestamp": "2026-04-10T15:41:14.000000Z"}, {"uuid": "e1727eca-fcd9-4427-bca9-be900d57b42a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-59528", "type": "seen", "source": "https://bsky.app/profile/ai-nerd.bsky.social/post/3mjn2wvwvuy2w", "content": "", "creation_timestamp": "2026-04-16T18:44:50.082124Z"}, {"uuid": "c17274c2-4db3-4353-aadc-9c17744db437", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-59528", "type": "seen", "source": "https://bsky.app/profile/termsofsurrender.bsky.social/post/3mj5qcwrtij2s", "content": "", "creation_timestamp": "2026-04-10T16:24:40.069412Z"}, {"uuid": "efec20b1-10c1-46fa-97af-69ab02bb5c95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-59528", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/60955", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aCVE-2025-59528\nURL\uff1ahttps://github.com/B1ack4sh/Blackash-CVE-2025-59528\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-11-27T14:38:41.000000Z"}, {"uuid": "4ec3efb9-6878-479a-a24d-a06be54331e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-59528", "type": "seen", "source": "https://gist.github.com/mrbrownstone07/2caf598e6f4230d711c7fbf7954c24bf", "content": "", "creation_timestamp": "2026-04-17T15:49:26.000000Z"}, {"uuid": "d9deba29-c8d5-41a1-afdb-d92e8935ff13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-59528", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/79998", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a HTB\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a secopssite\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 9  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 2\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-04-12 13:45:53\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nHackTheBox (HTB) writeups and exploit kits: Silentium, VariaType, Fries, Garfield, Hercules, Kobold, Pirate, CCTV, DevArea, HiddenPath, LockedAway, Interpreter \u2014 CVE-2025-59528, CVE-2025-8110, CVE-2025-2945, CVE-2026-23520, CVE-2025-66034, CVE-2024-25082\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-04-12T14:00:04.000000Z"}, {"uuid": "f83dddd0-f26d-4913-bb28-645b00d36050", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-59528", "type": "published-proof-of-concept", "source": "Telegram/jqsHB6FIdeMNMlYJLaE-SWbBIQ7X4SKPFQvaPULFC7d8_bM", "content": "", "creation_timestamp": "2026-04-14T15:00:07.000000Z"}, {"uuid": "73c2711b-af8d-490d-a6ce-53254e592eff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-59528", "type": "exploited", "source": "https://t.me/thehackernews/8751", "content": "\ud83d\uded1 Flowise has a CVSS 10.0 RCE flaw (CVE-2025-59528) now under active attack.\n\nA bug in MCP config lets attackers run JavaScript with full system access using just an API token. Over 12,000 exposed instances raise risk.\n\n\ud83d\udd17 Exploitation details \u2192 https://thehackernews.com/2026/04/flowise-ai-agent-builder-under-active.html", "creation_timestamp": "2026-04-07T06:00:05.000000Z"}, {"uuid": "8468bd8f-ba4d-457e-98ae-069edbfa6662", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-59528", "type": "seen", "source": "https://t.me/ctinow/248433", "content": "Attackers exploit critical Flowise flaw CVE-2025-59528 for remote code execution\nhttps://ift.tt/3FsBOlt", "creation_timestamp": "2026-04-07T20:59:51.000000Z"}, {"uuid": "1ffb0b21-11e4-467b-958d-cf7521050467", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-59528", "type": "exploited", "source": "https://t.me/true_secator/8076", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 VulnCheck \u0441\u043e\u043e\u0431\u0449\u0430\u044e\u0442 \u043e\u0431 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441 \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u043c \u0443\u0440\u043e\u0432\u043d\u0435\u043c \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u0432\u00a0Flowise, \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0435 \u0418\u0418 \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u043e\u0439 \u0440\u044f\u0434\u043e\u043c \u043a\u0440\u0443\u043f\u043d\u044b\u0445 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0446\u0438\u0439.\n\n\u0420\u0435\u0447\u044c \u0438\u0434\u0435\u0442 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2025-59528 (CVSS: 10.0), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u043c\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430.\n\n\u0423\u0437\u0435\u043b CustomMCP \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0432\u0432\u043e\u0434\u0438\u0442\u044c \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u044b \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0434\u043b\u044f \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u043a \u0432\u043d\u0435\u0448\u043d\u0435\u043c\u0443 \u0441\u0435\u0440\u0432\u0435\u0440\u0443 MCP, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0430\u043d\u0430\u043b\u0438\u0437\u0438\u0440\u0443\u0435\u0442 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u0443\u044e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c \u0441\u0442\u0440\u043e\u043a\u0443 mcpServerConfig \u0434\u043b\u044f \u043f\u043e\u0441\u0442\u0440\u043e\u0435\u043d\u0438\u044f \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u0430.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 \u044d\u0442\u043e\u0433\u043e \u043e\u043d \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0435\u0442 \u043a\u043e\u0434 JavaScript \u0431\u0435\u0437 \u043a\u0430\u043a\u043e\u0439-\u043b\u0438\u0431\u043e \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\n\nFlowise \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0430, \u0447\u0442\u043e \u0443\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043e\u043f\u0430\u0441\u043d\u044b\u043c \u043c\u043e\u0434\u0443\u043b\u044f\u043c, \u0442\u0430\u043a\u0438\u043c \u043a\u0430\u043a child_process (\u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u043c\u0430\u043d\u0434) \u0438 fs (\u0444\u0430\u0439\u043b\u043e\u0432\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430), \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043e\u043d \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u0441 \u043f\u043e\u043b\u043d\u044b\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 \u0441\u0440\u0435\u0434\u044b \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f Node.js.\n\n\u0418\u043d\u044b\u043c\u0438 \u0441\u043b\u043e\u0432\u0430\u043c\u0438, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0439 \u044d\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043c\u043e\u0436\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 JavaScript \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 Flowise, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u0435\u0434\u0435\u0442 \u043a \u043f\u043e\u043b\u043d\u043e\u0439 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u044b, \u0434\u043e\u0441\u0442\u0443\u043f\u0443 \u043a \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435, \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u043c\u0430\u043d\u0434 \u0438 \u0443\u0442\u0435\u0447\u043a\u0435 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445.\n\n\u041a\u0430\u043a \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0438 \u0432 Flowise, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u0442\u043e\u043a\u0435\u043d API, \u044d\u0442\u043e \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0447\u0440\u0435\u0437\u0432\u044b\u0447\u0430\u0439\u043d\u0443\u044e \u0443\u0433\u0440\u043e\u0437\u0443 \u0434\u043b\u044f \u043d\u0435\u043f\u0440\u0435\u0440\u044b\u0432\u043d\u043e\u0441\u0442\u0438 \u0431\u0438\u0437\u043d\u0435\u0441\u0430 \u0438 \u0434\u0430\u043d\u043d\u044b\u0445 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432. \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0432\u044b\u0440\u0430\u0437\u0438\u043b\u0430 \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u043d\u043e\u0441\u0442\u044c \u041a\u0438\u043c \u0421\u0443 \u0425\u0451\u043d \u0437\u0430 \u0443\u0432\u0435\u0434\u043e\u043c\u043b\u0435\u043d\u0438\u0435 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0431\u044b\u043b\u0430 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 3.0.6 \u043f\u0430\u043a\u0435\u0442\u0430 npm.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0434\u0430\u043d\u043d\u044b\u043c VulnCheck, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u044f\u043b\u0430\u0441\u044c \u0441 \u043e\u0434\u043d\u043e\u0433\u043e IP-\u0430\u0434\u0440\u0435\u0441\u0430 Starlink.\n\nCVE-2025-59528 - \u044d\u0442\u043e \u0443\u0436\u0435 \u0442\u0440\u0435\u0442\u044c\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Flowise, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u0430\u044f \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445, \u043f\u043e\u0441\u043b\u0435 CVE-2025-8943 (CVSS: 9,8), \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0435\u0439 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u041e\u0421, \u0438 CVE-2025-26319 (CVSS: 8,9), \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0435\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u044b\u043b\u0430 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430 \u0431\u043e\u043b\u0435\u0435 \u0448\u0435\u0441\u0442\u0438 \u043c\u0435\u0441\u044f\u0446\u0435\u0432, \u0430 \u044d\u0442\u043e \u0437\u043d\u0430\u0447\u0438\u0442, \u0447\u0442\u043e \u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0431\u044b\u043b\u043e \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043c\u043d\u043e\u0433\u043e \u0432\u0440\u0435\u043c\u0435\u043d\u0438, \u0447\u0442\u043e\u0431\u044b \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0438\u0442\u044c \u043f\u0440\u0438\u043e\u0440\u0438\u0442\u0435\u0442\u043d\u043e\u0441\u0442\u044c \u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u0442\u044c \u0435\u0435.\n\n\u041a \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u043c\u0443 \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u043f\u043b\u043e\u0449\u0430\u0434\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0439 \u043f\u043e\u0432\u0435\u0440\u0445\u043d\u043e\u0441\u0442\u0438, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0439 \u0438\u0437 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430, \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0431\u043e\u043b\u0435\u0435 12 000 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u0445 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u043e\u0432, \u0447\u0442\u043e Flowise \u043a\u0440\u0430\u0439\u043d\u0435 \u0432\u043e\u0441\u0442\u0440\u0435\u0431\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0446\u0435\u043b\u044c\u044e \u0434\u043b\u044f \u043a\u0438\u0431\u0435\u0440\u043f\u043e\u0434\u043f\u043e\u043b\u044c\u044f, \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u0442\u0435\u043b\u0438 \u043a\u043e\u0442\u043e\u0440\u043e\u0433\u043e \u0443\u0436\u0435 \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u043d\u0438\u043c\u0430\u044e\u0442 \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.", "creation_timestamp": "2026-04-07T18:20:05.000000Z"}, {"uuid": "18bc3806-a764-42ef-a669-b2c7c1e7ffc9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-59528", "type": "exploited", "source": "https://t.me/BleepingComputer/24408", "content": "\u200aMax severity Flowise RCE vulnerability now exploited in attacks\n\nHackers are exploiting a maximum-severity vulnerability, tracked as CVE-2025-59528, in the open-source platform Flowise for building custom LLM apps and agentic systems to execute arbitrary code. [...]\n\nhttps://www.bleepingcomputer.com/news/security/max-severity-flowise-rce-vulnerability-now-exploited-in-attacks/", "creation_timestamp": "2026-04-07T17:46:36.000000Z"}, {"uuid": "a9761ed1-40ca-4e0a-b823-405484ecbd88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-59528", "type": "published-proof-of-concept", "source": "Telegram/S964UnaAzc4FW7CZCUbAm7wNqkztcWapRmtGqRf9U9sXCaA", "content": "", "creation_timestamp": "2026-04-12T03:00:07.000000Z"}, {"uuid": "f4f1f1c6-14de-4865-bfb6-d3e9994f1515", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-59528", "type": "exploited", "source": "Telegram/ODWflLMLbVvGfdid2lwnx3810JM3zyf3Y-tOOmeM1HYXGKaF", "content": "", "creation_timestamp": "2026-04-07T21:05:05.000000Z"}, {"uuid": "752706b9-8b93-4364-b54a-6872b1e35f1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-59528", "type": "exploited", "source": "Telegram/i80ChqxtCwMTCecuezPWlkw9fIB_SXz6drz3fdFtvVclrg", "content": "", "creation_timestamp": "2026-04-07T06:25:43.000000Z"}, {"uuid": "fcdffa47-8964-45d0-8d85-b48cba140cc6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-59528", "type": "published-proof-of-concept", "source": "Telegram/pCo_ULdqtYm5JNcUwpHa2UncR4FyWF1uQHW0ymYDC6k2-2Y", "content": "", "creation_timestamp": "2026-04-15T09:00:05.000000Z"}, {"uuid": "d44b0521-d3bc-4d0d-afe5-400eb2fc8902", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-59528", "type": "seen", "source": "https://bsky.app/profile/hakksaww.bsky.social/post/3ml2ly6ysgp25", "content": "Already on our IOC corpus before launch:\n\n@iflow-mcp/watercrawl-watercrawl-mcp v1.3.0-1.3.4 = GlassWorm (Aikido)\n20+ MCP-named repos serving SmartLoader (URLhaus)\nCVE-2025-59528: mcpServerConfig exploit\n\nThe ecosystem's been targeted, just not counted.", "creation_timestamp": "2026-05-04T21:19:28.502731Z"}, {"uuid": "ff9246ea-1ae9-4f95-bd5f-d9e3eaaec9fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-59528", "type": "published-proof-of-concept", "source": "Telegram/M2s3PphtTCD9brru-X6QMyPesFMqQlhfbVnnLWpusEfiV5g", "content": "", "creation_timestamp": "2026-05-16T21:00:04.000000Z"}, {"uuid": "65cd396b-18a1-40c1-b615-2f2aae8e4cdd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-59528", "type": "seen", "source": "Telegram/FMuj_IRa9WJxg8stLSMyK9s8hezzOoxBzO2QROQaixpXJv8", "content": "", "creation_timestamp": "2026-05-17T21:00:04.000000Z"}]}