CVE-2025-59528 (GCVE-0-2025-59528)
Vulnerability from cvelistv5 – Published: 2025-09-22 19:54 – Updated: 2025-09-22 20:24
VLAI
KEVintel KEV
Title
Flowise has Remote Code Execution vulnerability
Summary
Flowise is a drag & drop user interface to build a customized large language model flow. In version 3.0.5, Flowise is vulnerable to remote code execution. The CustomMCP node allows users to input configuration settings for connecting to an external MCP server. This node parses the user-provided mcpServerConfig string to build the MCP server configuration. However, during this process, it executes JavaScript code without any security validation. Specifically, inside the convertToValidJSONString function, user input is directly passed to the Function() constructor, which evaluates and executes the input as JavaScript code. Since this runs with full Node.js runtime privileges, it can access dangerous modules such as child_process and fs. This issue has been patched in version 3.0.6.
Severity
10 (Critical)
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
8 references
| URL | Tags |
|---|---|
| https://github.com/FlowiseAI/Flowise/security/adv… | x_refsource_CONFIRM |
| https://github.com/FlowiseAI/Flowise/blob/5930f11… | x_refsource_MISC |
| https://github.com/FlowiseAI/Flowise/blob/5930f11… | x_refsource_MISC |
| https://github.com/FlowiseAI/Flowise/blob/5930f11… | x_refsource_MISC |
| https://github.com/FlowiseAI/Flowise/blob/5930f11… | x_refsource_MISC |
| https://github.com/FlowiseAI/Flowise/blob/5930f11… | x_refsource_MISC |
| https://github.com/FlowiseAI/Flowise/blob/5930f11… | x_refsource_MISC |
| https://github.com/FlowiseAI/Flowise/releases/tag… | x_refsource_MISC |
KEVintel KEV
Known Exploited Vulnerability - GCVE BCP-07 Compliant
KEV entry ID: 6fec5af1-bdae-4e72-b62f-ad6bd4e72f1c
Exploited: Yes
Timestamps
First Seen: 2026-04-10
Asserted: 2026-04-10
Scope
Notes: KEVIntel entry: Flowise has Remote Code Execution vulnerability | Affected: FlowiseAI / Flowise | CVSS: 10.0 (CRITICAL) | Used in malware: unknown | Not yet in CISA KEV: True
Evidence
Type: Public Report
Signal: Successful Exploitation
Confidence: 70%
Source: kevintel
Details
| Feed | KEVIntel (kevintel.com) |
|---|---|
| Title | Flowise has Remote Code Execution vulnerability |
| Vendor | FlowiseAI |
| Product | Flowise |
| Added Date | 2026-04-10T15:41:14.000Z |
| Cvss Score | 10.0 |
| Epss Score | None |
| Cvss Severity | CRITICAL |
| Epss Percentile | None |
| Used In Malware | unknown |
| Ahead Of Cisa Kev | None |
| Not Yet In Cisa Kev | True |
References
Created: 2026-06-19 12:45 UTC
| Updated: 2026-06-19 12:45 UTC
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-59528",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-22T20:23:40.363660Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-22T20:24:09.883Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Flowise",
"vendor": "FlowiseAI",
"versions": [
{
"status": "affected",
"version": "= 3.0.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Flowise is a drag \u0026 drop user interface to build a customized large language model flow. In version 3.0.5, Flowise is vulnerable to remote code execution. The CustomMCP node allows users to input configuration settings for connecting to an external MCP server. This node parses the user-provided mcpServerConfig string to build the MCP server configuration. However, during this process, it executes JavaScript code without any security validation. Specifically, inside the convertToValidJSONString function, user input is directly passed to the Function() constructor, which evaluates and executes the input as JavaScript code. Since this runs with full Node.js runtime privileges, it can access dangerous modules such as child_process and fs. This issue has been patched in version 3.0.6."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-22T19:54:58.196Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-3gcm-f6qx-ff7p",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-3gcm-f6qx-ff7p"
},
{
"name": "https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/components/nodes/tools/MCP/CustomMCP/CustomMCP.ts#L132",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/components/nodes/tools/MCP/CustomMCP/CustomMCP.ts#L132"
},
{
"name": "https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/components/nodes/tools/MCP/CustomMCP/CustomMCP.ts#L220",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/components/nodes/tools/MCP/CustomMCP/CustomMCP.ts#L220"
},
{
"name": "https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/components/nodes/tools/MCP/CustomMCP/CustomMCP.ts#L262-L270",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/components/nodes/tools/MCP/CustomMCP/CustomMCP.ts#L262-L270"
},
{
"name": "https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/server/src/controllers/nodes/index.ts#L57-L78",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/server/src/controllers/nodes/index.ts#L57-L78"
},
{
"name": "https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/server/src/routes/node-load-methods/index.ts#L5",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/server/src/routes/node-load-methods/index.ts#L5"
},
{
"name": "https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/server/src/services/nodes/index.ts#L91-L94",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/server/src/services/nodes/index.ts#L91-L94"
},
{
"name": "https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.6",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.6"
}
],
"source": {
"advisory": "GHSA-3gcm-f6qx-ff7p",
"discovery": "UNKNOWN"
},
"title": "Flowise has Remote Code Execution vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-59528",
"datePublished": "2025-09-22T19:54:58.196Z",
"dateReserved": "2025-09-17T17:04:20.373Z",
"dateUpdated": "2025-09-22T20:24:09.883Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-59528",
"date": "2026-06-19",
"epss": "0.90183",
"percentile": "0.99783"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2025-59528\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2025-09-22T20:15:39.530\",\"lastModified\":\"2025-09-23T16:45:09.443\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Flowise is a drag \u0026 drop user interface to build a customized large language model flow. In version 3.0.5, Flowise is vulnerable to remote code execution. The CustomMCP node allows users to input configuration settings for connecting to an external MCP server. This node parses the user-provided mcpServerConfig string to build the MCP server configuration. However, during this process, it executes JavaScript code without any security validation. Specifically, inside the convertToValidJSONString function, user input is directly passed to the Function() constructor, which evaluates and executes the input as JavaScript code. Since this runs with full Node.js runtime privileges, it can access dangerous modules such as child_process and fs. This issue has been patched in version 3.0.6.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\",\"baseScore\":10.0,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":6.0}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-94\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:flowiseai:flowise:3.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5D151AD-7484-4BE3-B42F-7D0279B5E886\"}]}]}],\"references\":[{\"url\":\"https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/components/nodes/tools/MCP/CustomMCP/CustomMCP.ts#L132\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/components/nodes/tools/MCP/CustomMCP/CustomMCP.ts#L220\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/components/nodes/tools/MCP/CustomMCP/CustomMCP.ts#L262-L270\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/server/src/controllers/nodes/index.ts#L57-L78\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/server/src/routes/node-load-methods/index.ts#L5\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/server/src/services/nodes/index.ts#L91-L94\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.6\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-3gcm-f6qx-ff7p\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-59528\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-09-22T20:23:40.363660Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-09-22T20:24:01.249Z\"}}], \"cna\": {\"title\": \"Flowise has Remote Code Execution vulnerability\", \"source\": {\"advisory\": \"GHSA-3gcm-f6qx-ff7p\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 10, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"FlowiseAI\", \"product\": \"Flowise\", \"versions\": [{\"status\": \"affected\", \"version\": \"= 3.0.5\"}]}], \"references\": [{\"url\": \"https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-3gcm-f6qx-ff7p\", \"name\": \"https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-3gcm-f6qx-ff7p\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/components/nodes/tools/MCP/CustomMCP/CustomMCP.ts#L132\", \"name\": \"https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/components/nodes/tools/MCP/CustomMCP/CustomMCP.ts#L132\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/components/nodes/tools/MCP/CustomMCP/CustomMCP.ts#L220\", \"name\": \"https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/components/nodes/tools/MCP/CustomMCP/CustomMCP.ts#L220\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/components/nodes/tools/MCP/CustomMCP/CustomMCP.ts#L262-L270\", \"name\": \"https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/components/nodes/tools/MCP/CustomMCP/CustomMCP.ts#L262-L270\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/server/src/controllers/nodes/index.ts#L57-L78\", \"name\": \"https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/server/src/controllers/nodes/index.ts#L57-L78\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/server/src/routes/node-load-methods/index.ts#L5\", \"name\": \"https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/server/src/routes/node-load-methods/index.ts#L5\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/server/src/services/nodes/index.ts#L91-L94\", \"name\": \"https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/server/src/services/nodes/index.ts#L91-L94\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.6\", \"name\": \"https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.6\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Flowise is a drag \u0026 drop user interface to build a customized large language model flow. In version 3.0.5, Flowise is vulnerable to remote code execution. The CustomMCP node allows users to input configuration settings for connecting to an external MCP server. This node parses the user-provided mcpServerConfig string to build the MCP server configuration. However, during this process, it executes JavaScript code without any security validation. Specifically, inside the convertToValidJSONString function, user input is directly passed to the Function() constructor, which evaluates and executes the input as JavaScript code. Since this runs with full Node.js runtime privileges, it can access dangerous modules such as child_process and fs. This issue has been patched in version 3.0.6.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-94\", \"description\": \"CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2025-09-22T19:54:58.196Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-59528\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-09-22T20:24:09.883Z\", \"dateReserved\": \"2025-09-17T17:04:20.373Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2025-09-22T19:54:58.196Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
CNVD-2025-23078
Vulnerability from cnvd - Published: 2025-09-28
VLAI
Title
Flowise跨站脚本漏洞
Description
Flowise是FlowiseAI开源的一个用于轻松构建LLM应用程序的工具。
Flowise 3.0.5版本存在跨站脚本漏洞,该漏洞源于CustomMCP节点直接执行用户输入的JavaScript代码,攻击者可利用该漏洞导致远程代码执行。
Severity
高
Patch Name
Flowise跨站脚本漏洞的补丁
Patch Description
Flowise是FlowiseAI开源的一个用于轻松构建LLM应用程序的工具。
Flowise 3.0.5版本存在跨站脚本漏洞,该漏洞源于CustomMCP节点直接执行用户输入的JavaScript代码,攻击者可利用该漏洞导致远程代码执行。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
厂商已发布了漏洞修复程序,请及时关注更新: https://github.com/FlowiseAI/Flowise/releases
Reference
https://nvd.nist.gov/vuln/detail/CVE-2025-59528
Impacted products
| Name | Flowise Flowise 3.0.5 |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2025-59528",
"cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2025-59528"
}
},
"description": "Flowise\u662fFlowiseAI\u5f00\u6e90\u7684\u4e00\u4e2a\u7528\u4e8e\u8f7b\u677e\u6784\u5efaLLM\u5e94\u7528\u7a0b\u5e8f\u7684\u5de5\u5177\u3002\n\nFlowise 3.0.5\u7248\u672c\u5b58\u5728\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8eCustomMCP\u8282\u70b9\u76f4\u63a5\u6267\u884c\u7528\u6237\u8f93\u5165\u7684JavaScript\u4ee3\u7801\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u3002",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://github.com/FlowiseAI/Flowise/releases",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2025-23078",
"openTime": "2025-09-28",
"patchDescription": "Flowise\u662fFlowiseAI\u5f00\u6e90\u7684\u4e00\u4e2a\u7528\u4e8e\u8f7b\u677e\u6784\u5efaLLM\u5e94\u7528\u7a0b\u5e8f\u7684\u5de5\u5177\u3002\r\n\r\nFlowise 3.0.5\u7248\u672c\u5b58\u5728\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8eCustomMCP\u8282\u70b9\u76f4\u63a5\u6267\u884c\u7528\u6237\u8f93\u5165\u7684JavaScript\u4ee3\u7801\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Flowise\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": "Flowise Flowise 3.0.5"
},
"referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2025-59528",
"serverity": "\u9ad8",
"submitTime": "2025-09-25",
"title": "Flowise\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e"
}
FKIE_CVE-2025-59528
Vulnerability from fkie_nvd - Published: 2025-09-22 20:15 - Updated: 2026-06-17 09:46
Severity
Summary
Flowise is a drag & drop user interface to build a customized large language model flow. In version 3.0.5, Flowise is vulnerable to remote code execution. The CustomMCP node allows users to input configuration settings for connecting to an external MCP server. This node parses the user-provided mcpServerConfig string to build the MCP server configuration. However, during this process, it executes JavaScript code without any security validation. Specifically, inside the convertToValidJSONString function, user input is directly passed to the Function() constructor, which evaluates and executes the input as JavaScript code. Since this runs with full Node.js runtime privileges, it can access dangerous modules such as child_process and fs. This issue has been patched in version 3.0.6.
References
{
"affected": [
{
"affectedData": [
{
"product": "Flowise",
"vendor": "FlowiseAI",
"versions": [
{
"status": "affected",
"version": "= 3.0.5"
}
]
}
],
"source": "security-advisories@github.com"
}
],
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:flowiseai:flowise:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D5D151AD-7484-4BE3-B42F-7D0279B5E886",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Flowise is a drag \u0026 drop user interface to build a customized large language model flow. In version 3.0.5, Flowise is vulnerable to remote code execution. The CustomMCP node allows users to input configuration settings for connecting to an external MCP server. This node parses the user-provided mcpServerConfig string to build the MCP server configuration. However, during this process, it executes JavaScript code without any security validation. Specifically, inside the convertToValidJSONString function, user input is directly passed to the Function() constructor, which evaluates and executes the input as JavaScript code. Since this runs with full Node.js runtime privileges, it can access dangerous modules such as child_process and fs. This issue has been patched in version 3.0.6."
}
],
"id": "CVE-2025-59528",
"lastModified": "2026-06-17T09:46:20.590",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0,
"source": "security-advisories@github.com",
"type": "Secondary"
}
],
"ssvcV203": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"ssvcData": {
"id": "CVE-2025-59528",
"options": [
{
"exploitation": "poc"
},
{
"automatable": "yes"
},
{
"technicalImpact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-22T20:23:40.363660Z",
"version": "2.0.3"
}
}
]
},
"published": "2025-09-22T20:15:39.530",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Product"
],
"url": "https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/components/nodes/tools/MCP/CustomMCP/CustomMCP.ts#L132"
},
{
"source": "security-advisories@github.com",
"tags": [
"Product"
],
"url": "https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/components/nodes/tools/MCP/CustomMCP/CustomMCP.ts#L220"
},
{
"source": "security-advisories@github.com",
"tags": [
"Product"
],
"url": "https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/components/nodes/tools/MCP/CustomMCP/CustomMCP.ts#L262-L270"
},
{
"source": "security-advisories@github.com",
"tags": [
"Product"
],
"url": "https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/server/src/controllers/nodes/index.ts#L57-L78"
},
{
"source": "security-advisories@github.com",
"tags": [
"Product"
],
"url": "https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/server/src/routes/node-load-methods/index.ts#L5"
},
{
"source": "security-advisories@github.com",
"tags": [
"Product"
],
"url": "https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/server/src/services/nodes/index.ts#L91-L94"
},
{
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
],
"url": "https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.6"
},
{
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-3gcm-f6qx-ff7p"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
GHSA-3GCM-F6QX-FF7P
Vulnerability from github – Published: 2025-09-15 19:59 – Updated: 2025-10-13 15:49
VLAI
Summary
Flowise has Remote Code Execution vulnerability
Details
Description
Cause of the Vulnerability
The CustomMCP node allows users to input configuration settings for connecting to an external MCP (Model Context Protocol) server. This node parses the user-provided mcpServerConfig string to build the MCP server configuration. However, during this process, it executes JavaScript code without any security validation.
Specifically, inside the convertToValidJSONString function, user input is directly passed to the Function() constructor, which evaluates and executes the input as JavaScript code. Since this runs with full Node.js runtime privileges, it can access dangerous modules such as child_process and fs.
Vulnerability Flow
- User Input Received: Input is provided via the API endpoint
/api/v1/node-load-method/customMCPthrough themcpServerConfigparameter. - Variable Substitution: The
substituteVariablesInStringfunction replaces template variables like$vars.xxx, but no security filtering is applied during this step. - Dangerous Code Execution: The
convertToValidJSONStringfunction executes the input usingFunction('return ' + inputString)(). If theinputStringcontains malicious code, it gets executed in the global Node.js context, allowing actions such as command execution and file system access.
Taint Flow
-
Taint 01: Route Registration
index.ts(Line 5) -
Taint 02: Controller
index.ts(Line 57–78) -
Taint 03: Service
index.ts(Line 91–94) -
Taint 04: CustomMCP Node Entry Point
CustomMCP.ts(Line 132) -
Taint 05: Variable Substitution
CustomMCP.ts(Line 220) -
Taint 06: Dangerous Constructor Execution
CustomMCP.ts(Line 262–270)
Proof of Concept (PoC)
curl -X POST http://localhost:3000/api/v1/node-load-method/customMCP \
-H "Content-Type: application/json" \
-H "Authorization: Bearer tmY1fIjgqZ6-nWUuZ9G7VzDtlsOiSZlDZjFSxZrDd0Q" \
-d '{
"loadMethod": "listActions",
"inputs": {
"mcpServerConfig": "({x:(function(){const cp = process.mainModule.require(\"child_process\");cp.execSync(\"echo !!RCE-OK!! >/tmp/RCE.txt\");return 1;})()})"
}
}'
When executed, this creates a file /tmp/RCE.txt on the server, confirming command execution.
Impact
Complete System Takeover and Infrastructure Threat
This vulnerability allows attackers to execute arbitrary JavaScript code on the Flowise server, leading to:
- Full system compromise
- File system access
- Command execution
- Sensitive data exfiltration
As only an API token is required, this poses an extreme security risk to business continuity and customer data.
Severity
10.0 (Critical)
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "flowise"
},
"ranges": [
{
"events": [
{
"introduced": "3.0.5"
},
{
"fixed": "3.0.6"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"3.0.5"
]
}
],
"aliases": [
"CVE-2025-59528"
],
"database_specific": {
"cwe_ids": [
"CWE-94"
],
"github_reviewed": true,
"github_reviewed_at": "2025-09-15T19:59:57Z",
"nvd_published_at": "2025-09-22T20:15:39Z",
"severity": "CRITICAL"
},
"details": "## Description\n\n### Cause of the Vulnerability\n\nThe `CustomMCP` node allows users to input configuration settings for connecting to an external MCP (Model Context Protocol) server. This node parses the user-provided `mcpServerConfig` string to build the MCP server configuration. However, during this process, it executes JavaScript code without any security validation.\n\nSpecifically, inside the `convertToValidJSONString` function, user input is directly passed to the `Function()` constructor, which evaluates and executes the input as JavaScript code. Since this runs with full Node.js runtime privileges, it can access dangerous modules such as `child_process` and `fs`.\n\n### Vulnerability Flow\n\n1. **User Input Received**: Input is provided via the API endpoint `/api/v1/node-load-method/customMCP` through the `mcpServerConfig` parameter.\n2. **Variable Substitution**: The `substituteVariablesInString` function replaces template variables like `$vars.xxx`, but no security filtering is applied during this step.\n3. **Dangerous Code Execution**: The `convertToValidJSONString` function executes the input using `Function(\u0027return \u0027 + inputString)()`. If the `inputString` contains malicious code, it gets executed in the global Node.js context, allowing actions such as command execution and file system access.\n\n## Taint Flow\n\n- **Taint 01: Route Registration** \n [`index.ts` (Line 5)](https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/server/src/routes/node-load-methods/index.ts#L5)\n\n- **Taint 02: Controller** \n [`index.ts` (Line 57\u201378)](https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/server/src/controllers/nodes/index.ts#L57-L78)\n\n- **Taint 03: Service** \n [`index.ts` (Line 91\u201394)](https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/server/src/services/nodes/index.ts#L91-L94)\n\n- **Taint 04: CustomMCP Node Entry Point** \n [`CustomMCP.ts` (Line 132)](https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/components/nodes/tools/MCP/CustomMCP/CustomMCP.ts#L132)\n\n- **Taint 05: Variable Substitution** \n [`CustomMCP.ts` (Line 220)](https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/components/nodes/tools/MCP/CustomMCP/CustomMCP.ts#L220)\n\n- **Taint 06: Dangerous Constructor Execution** \n [`CustomMCP.ts` (Line 262\u2013270)](https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/components/nodes/tools/MCP/CustomMCP/CustomMCP.ts#L262-L270)\n\n## Proof of Concept (PoC)\n\n```bash\ncurl -X POST http://localhost:3000/api/v1/node-load-method/customMCP \\\n -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer tmY1fIjgqZ6-nWUuZ9G7VzDtlsOiSZlDZjFSxZrDd0Q\" \\\n -d \u0027{\n \"loadMethod\": \"listActions\",\n \"inputs\": {\n \"mcpServerConfig\": \"({x:(function(){const cp = process.mainModule.require(\\\"child_process\\\");cp.execSync(\\\"echo !!RCE-OK!! \u003e/tmp/RCE.txt\\\");return 1;})()})\"\n }\n }\u0027\n```\n\u003cimg width=\"1907\" height=\"958\" alt=\"image\" src=\"https://github.com/user-attachments/assets/78b50eb1-67af-4c8b-97ea-7e2c05426962\" /\u003e\n\nWhen executed, this creates a file `/tmp/RCE.txt` on the server, confirming command execution.\n\n## Impact\n\n### Complete System Takeover and Infrastructure Threat\n\nThis vulnerability allows attackers to execute arbitrary JavaScript code on the Flowise server, leading to:\n\n- Full system compromise\n- File system access\n- Command execution\n- Sensitive data exfiltration\n\nAs only an API token is required, this poses an extreme security risk to business continuity and customer data.",
"id": "GHSA-3gcm-f6qx-ff7p",
"modified": "2025-10-13T15:49:17Z",
"published": "2025-09-15T19:59:57Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-3gcm-f6qx-ff7p"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59528"
},
{
"type": "PACKAGE",
"url": "https://github.com/FlowiseAI/Flowise"
},
{
"type": "WEB",
"url": "https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/components/nodes/tools/MCP/CustomMCP/CustomMCP.ts#L132"
},
{
"type": "WEB",
"url": "https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/components/nodes/tools/MCP/CustomMCP/CustomMCP.ts#L220"
},
{
"type": "WEB",
"url": "https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/components/nodes/tools/MCP/CustomMCP/CustomMCP.ts#L262-L270"
},
{
"type": "WEB",
"url": "https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/server/src/controllers/nodes/index.ts#L57-L78"
},
{
"type": "WEB",
"url": "https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/server/src/routes/node-load-methods/index.ts#L5"
},
{
"type": "WEB",
"url": "https://github.com/FlowiseAI/Flowise/blob/5930f1119c655bcf8d2200ae827a1f5b9fec81d0/packages/server/src/services/nodes/index.ts#L91-L94"
},
{
"type": "WEB",
"url": "https://github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.6"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Flowise has Remote Code Execution vulnerability"
}
WID-SEC-W-2025-2105
Vulnerability from csaf_certbund - Published: 2025-09-22 22:00 - Updated: 2025-09-22 22:00Summary
Flowise: Mehrere Schwachstellen
Severity
Kritisch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Flowise ist eine Benutzeroberfläche zur Erstellung von LLMs (Large Language Model).
Angriff: Ein entfernter, authentisierter oder anonymer Angreifer kann mehrere Schwachstellen in Flowise ausnutzen, um Informationen offenzulegen und beliebigen Code auszuführen.
Betroffene Betriebssysteme: - Sonstiges
- UNIX
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Flowise Cloud <August 2025
Open Source / Flowise
|
Cloud <August 2025 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Flowise <3.0.6
Open Source / Flowise
|
<3.0.6 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Flowise <3.0.6
Open Source / Flowise
|
<3.0.6 |
References
8 references
{
"document": {
"aggregate_severity": {
"text": "kritisch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Flowise ist eine Benutzeroberfl\u00e4che zur Erstellung von LLMs (Large Language Model).",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, authentisierter oder anonymer Angreifer kann mehrere Schwachstellen in Flowise ausnutzen, um Informationen offenzulegen und beliebigen Code auszuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-2105 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-2105.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-2105 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2105"
},
{
"category": "external",
"summary": "Flowise GitHub vom 2025-09-22",
"url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-hr92-4q35-4j3m"
},
{
"category": "external",
"summary": "cvefeed Advisory vom 2025-09-22",
"url": "https://cvefeed.io/vuln/detail/CVE-2025-59527"
},
{
"category": "external",
"summary": "Flowise GitHub vom 2025-09-22",
"url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-3gcm-f6qx-ff7p"
},
{
"category": "external",
"summary": "cvefeed Advisory vom 2025-09-22",
"url": "https://cvefeed.io/vuln/detail/CVE-2025-59528"
},
{
"category": "external",
"summary": "Flowise GitHub vom 2025-09-22",
"url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-435c-mg9p-fv22"
},
{
"category": "external",
"summary": "Flowise GitHub vom 2025-09-22",
"url": "https://cvefeed.io/vuln/detail/CVE-2025-59434"
}
],
"source_lang": "en-US",
"title": "Flowise: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-09-22T22:00:00.000+00:00",
"generator": {
"date": "2025-09-23T08:56:08.699+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2025-2105",
"initial_release_date": "2025-09-22T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-09-22T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c3.0.6",
"product": {
"name": "Open Source Flowise \u003c3.0.6",
"product_id": "T047128"
}
},
{
"category": "product_version",
"name": "3.0.6",
"product": {
"name": "Open Source Flowise 3.0.6",
"product_id": "T047128-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:flowiseai:flowise:3.0.6"
}
}
},
{
"category": "product_version_range",
"name": "Cloud \u003cAugust 2025",
"product": {
"name": "Open Source Flowise Cloud \u003cAugust 2025",
"product_id": "T047131"
}
},
{
"category": "product_version",
"name": "Cloud August 2025",
"product": {
"name": "Open Source Flowise Cloud August 2025",
"product_id": "T047131-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:flowiseai:flowise:cloud__august_2025"
}
}
}
],
"category": "product_name",
"name": "Flowise"
}
],
"category": "vendor",
"name": "Open Source"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-59434",
"product_status": {
"known_affected": [
"T047131"
]
},
"release_date": "2025-09-22T22:00:00.000+00:00",
"title": "CVE-2025-59434"
},
{
"cve": "CVE-2025-59527",
"product_status": {
"known_affected": [
"T047128"
]
},
"release_date": "2025-09-22T22:00:00.000+00:00",
"title": "CVE-2025-59527"
},
{
"cve": "CVE-2025-59528",
"product_status": {
"known_affected": [
"T047128"
]
},
"release_date": "2025-09-22T22:00:00.000+00:00",
"title": "CVE-2025-59528"
}
]
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…