{"data":{"id":"b13245fc-89ea-4b8b-af2c-43c150f5c74b","title":"GHSA-78pr-c5x5-jggc: FlowiseAI: Assistant create+update mass-assignment allows cross-workspace assistant takeover","summary":"FlowiseAI has a mass-assignment vulnerability (a bug where user input is copied directly into database objects without filtering) in its Assistant service that allows authenticated attackers to change the `workspaceId` field of an assistant they own, moving it to another workspace and gaining unauthorized access. This breaks workspace isolation (the security boundary that keeps data from different organizations separate) and exposes sensitive information like LLM configuration and credentials to unintended users.","solution":"Upgrade to flowise 3.1.2 or later; versions 3.1.1 and earlier are affected. The fix is in PR https://github.com/FlowiseAI/Flowise/pull/6128, which applies an allowlist pattern (explicitly specifying which fields are allowed to be copied from user input) to the Assistant service, matching the fix previously applied to the DocumentStore entity in commit 840d2ae.","labels":["security"],"sourceUrl":"https://github.com/advisories/GHSA-78pr-c5x5-jggc","publishedAt":"2026-05-14T16:19:28.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":"high","severity":"high","attackType":["supply_chain"],"issueType":"vulnerability","affectedPackages":["flowise@<= 3.1.1 (fixed: 3.1.2)"],"affectedVendors":["LangChain"],"affectedVendorsRaw":["FlowiseAI"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":true,"disclosureDate":"2026-05-14T16:19:28.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"trivial","impactType":["confidentiality","integrity"],"aiComponentTargeted":"api","llmSpecific":false,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}