Platform: nodejs
Component: flowise
Fixed in: 1.9.8, 2.2.8
CVE-2025-55346 is a critical Remote Code Execution (RCE) vulnerability discovered in Flowise, a Node.js application. This flaw allows malicious actors to execute arbitrary JavaScript code within the host environment, bypassing sandboxing protections. The vulnerability affects versions of Flowise up to and including 2.2.7-patch.1, and a fix is available in version 0.0.1.
The impact of this RCE vulnerability is severe. An attacker can leverage it to gain complete control over the server hosting the Flowise application. This includes the ability to execute arbitrary commands, access sensitive data, install malware, and potentially pivot to other systems on the network. The vulnerability stems from the unsafe use of the dynamic Function constructor on user-provided input in Custom MCP Chatflows. The example configuration shown in the MCP Server Config field acts as a misleading hint that makes exploitation easier. Successful exploitation could lead to data breaches, system compromise, and significant disruption of services.
This vulnerability was publicly disclosed on 2025-10-06. The CVSS score of 9.8 (CRITICAL) reflects the high severity and ease of exploitation. No public proof-of-concept (PoC) code has been released at the time of writing, but the vulnerability's nature suggests that a PoC is likely to emerge. The vulnerability is not currently listed on CISA KEV, but its critical nature warrants close monitoring.
Exploit Status
EPSS: 0.03% (8th percentile)
The primary mitigation is to immediately upgrade Flowise to version 0.0.1 or later, which contains the fix. If upgrading is not immediately feasible, consider implementing temporary workarounds. Restrict access to the /api/v1/node-load-method/customMCP endpoint to trusted users only. Implement strict input validation and sanitization on all user-provided data used in the Custom MCP Chatflows to prevent malicious code injection. Monitor system logs for suspicious activity related to the endpoint or JavaScript execution. Consider using a Web Application Firewall (WAF) to filter potentially malicious requests.
Update to a patched version that fixes the remote code execution vulnerability. Refer to the JFrog security advisory for more details and a patched version. If a patched version is not available, consider disabling or removing the component until a fix is released.
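As an added illustration of the flaw described above and of the input-validation mitigation (example code, not Flowise's own): the unsafe pattern, in which a user-supplied MCP server config string is handed to the Function constructor, beside a hardened parser that treats the config strictly as data. The config shape (command, args, env) is an assumption modelled on typical MCP server configs, not taken from Flowise.

```javascript
// Vulnerable pattern (assumed, modelled on the advisory): the config text is
// passed to the Function constructor, so any JavaScript the caller writes runs
// inside the Node.js process, outside whatever sandbox the app intended.
function loadConfigUnsafe(configText) {
  return new Function(`return ${configText}`)();
}

// Hardened replacement: JSON.parse never executes code, and the result is
// checked against an explicit allow-list of keys and value types.
// The allowed keys below are an assumption for this example.
const allowedKeys = {
  command: (v) => typeof v === 'string' && v.length > 0,
  args: (v) => Array.isArray(v) && v.every((a) => typeof a === 'string'),
  env: (v) =>
    typeof v === 'object' && v !== null && !Array.isArray(v) &&
    Object.values(v).every((e) => typeof e === 'string'),
};

function loadConfigSafe(configText) {
  let parsed;
  try {
    parsed = JSON.parse(configText);
  } catch {
    throw new Error('config must be valid JSON');
  }
  if (typeof parsed !== 'object' || parsed === null || Array.isArray(parsed)) {
    throw new Error('config must be a JSON object');
  }
  for (const key of Object.keys(parsed)) {
    // hasOwnProperty, not `in`: `in` would accept inherited names such as
    // "constructor", and JSON.parse can produce an own "__proto__" key.
    if (!Object.prototype.hasOwnProperty.call(allowedKeys, key)) {
      throw new Error(`unexpected key: ${key}`);
    }
    if (!allowedKeys[key](parsed[key])) {
      throw new Error(`invalid value for ${key}`);
    }
  }
  if (!Object.prototype.hasOwnProperty.call(parsed, 'command')) {
    throw new Error('command is required');
  }
  return parsed;
}
```

With the unsafe loader a "config" of `6*7` evaluates to 42, demonstrating that it executes code rather than parsing data; the safe loader rejects the same input.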
CVE-2025-55346 is a critical Remote Code Execution vulnerability in Flowise versions up to 2.2.7-patch.1, allowing attackers to execute arbitrary code on the server.
If you are running Flowise version 2.2.7-patch.1 or earlier, you are affected by this vulnerability.
Upgrade Flowise to version 0.0.1 or later to resolve this vulnerability. Implement temporary mitigations if immediate upgrade is not possible.
While no public exploits are currently known, the vulnerability's severity and ease of exploitation suggest active exploitation is possible.
Refer to the Flowise project's official channels (website, GitHub repository) for the latest advisory and security updates.