GHSA-C2C9-MFW7-P8HW: GHSA-C2C9-MFW7-P8HW: Cross-Workspace Chatflow Disclosure in Flowise

GHSA-C2C9-MFW7-P8HW: Cross-Workspace Chatflow Disclosure in Flowise

Vulnerability ID: GHSA-C2C9-MFW7-P8HW
CVSS Score: 5.3
Published: 2026-05-20

An Incorrect Authorization vulnerability in Flowise versions up to 3.1.1 allows cross-workspace information disclosure. The /api/v1/chatflows/apikey/:apikey endpoint fails to scope database queries by workspace, exposing unprotected chatflow configurations, LLM prompts, and application metadata across the entire instance.

TL;DR

Flowise <= 3.1.1 contains a flaw in API key authorization where a valid API key from any workspace can be used to read all unprotected chatflows from all other workspaces on the same instance. Administrators must upgrade to version 3.1.2 to resolve this data leakage.

---

⚠️ Exploit Status: POC

Technical Details

• CWE ID: CWE-863 (Incorrect Authorization)
• Attack Vector: Network / Remote
• CVSS Score: 5.3 (Medium)
• Privileges Required: Low (Valid API Key)
• Impact: Cross-Workspace Information Disclosure
• Exploit Status: Proof of Concept available

Affected Systems

• Flowise <= 3.1.1
• Flowise: <= 3.1.1 (Fixed in: 3.1.2)

Mitigation Strategies

• Upgrade to a patched version of Flowise (>= 3.1.2)
• Enable individual password protection on all sensitive chatflows
• Restrict API access via WAF or reverse proxy filtering

Remediation Steps:

1. Verify the current version of the Flowise deployment.
2. Update the flowise npm package to version 3.1.2 or later.
3. Restart the Flowise service to apply changes.
4. Audit all existing chatflows and verify no hardcoded credentials exist within node configurations.

References

• GitHub Security Advisory
• Flowise Security Overview
• OSV Database Entry
• GitLab Advisory Database

---

Read the full report for GHSA-C2C9-MFW7-P8HW on our website for more details including interactive diagrams and full exploit analysis.