DEV Community

Mark0

Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed

Threat actors are actively exploiting a critical-severity code injection vulnerability in Flowise, a popular open-source AI platform. Tracked as CVE-2025-59528 with a perfect CVSS score of 10.0, the flaw resides in the CustomMCP node, which parses user-provided strings into configuration settings but, in doing so, executes JavaScript contained in those strings without any security validation. This allows attackers to run arbitrary code with full Node.js runtime privileges.

Successful exploitation grants access to sensitive modules like child_process and fs, potentially leading to full system compromise, command execution, and data exfiltration. VulnCheck reports that scanning activity is currently targeting over 12,000 exposed instances. Organizations using Flowise are urged to update to version 3.0.6 immediately to mitigate the risk of this and other recently discovered vulnerabilities.
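To make the bug class concrete, here is an added illustration (not Flowise's code, and not the actual CustomMCP implementation) of a config-string parser in the shape the article describes, beside a hardened version: the unsafe variant evaluates the user string as JavaScript, while the safe one accepts only strict JSON and validates it against an assumed allow-list schema (`command`, `args`, `env`, `url`).

```javascript
// Assumed schema for a node's configuration; the real keys are not on the page.
const ALLOWED_KEYS = new Set(["command", "args", "env", "url"]);

// VULNERABLE PATTERN: "parsing" a user-supplied string by running it as
// JavaScript. Any expression in the string executes with the full privileges
// of the Node.js process (child_process, fs, ...). Shown only for contrast.
function parseConfigUnsafe(raw) {
  return new Function("return (" + raw + ");")();
}

// HARDENED: JSON.parse never executes code; the result must be a plain object
// and only known keys with the expected value types are kept.
function parseConfigSafe(raw) {
  let cfg;
  try {
    cfg = JSON.parse(raw);
  } catch (e) {
    throw new Error("config is not valid JSON");
  }
  if (cfg === null || typeof cfg !== "object" || Array.isArray(cfg)) {
    throw new Error("config must be a JSON object");
  }
  const out = {};
  for (const [k, v] of Object.entries(cfg)) {
    if (!ALLOWED_KEYS.has(k)) throw new Error(`unknown config key: ${k}`);
    if (k === "args") {
      if (!Array.isArray(v) || !v.every((a) => typeof a === "string")) {
        throw new Error("args must be an array of strings");
      }
    } else if (k === "env") {
      const isMap = v !== null && typeof v === "object" && !Array.isArray(v);
      if (!isMap || !Object.values(v).every((x) => typeof x === "string")) {
        throw new Error("env must map strings to strings");
      }
    } else if (typeof v !== "string") {
      throw new Error(`${k} must be a string`);
    }
    out[k] = v;
  }
  return out;
}

// Constructed inputs: a legitimate JSON config, and a string that is valid
// JavaScript but not JSON. The second one carries a harmless side effect
// (setting a global marker) so that code execution is observable.
const GOOD = '{"command":"node","args":["server.js"],"env":{"MODE":"prod"}}';
const CODE = '(globalThis.__injected = "ran", {command:"node"})';
```

Feeding `CODE` to `parseConfigUnsafe` sets the marker (the string ran as code), while `parseConfigSafe` rejects it with a JSON error and the marker stays unset; this "strict JSON plus schema" check is the kind of validation the vulnerable node lacked.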
