Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed
Summary
Flowise, an open-source builder for AI agents and LLM workflows, has a maximum-severity vulnerability (CVE-2025-59528, CVSS 10.0) in its CustomMCP node: configuration supplied to the node is executed as JavaScript on the server without validation, so anyone who can reach the node can run arbitrary code in the Flowise process and from there take over the host and steal the data it holds. The only precondition is a valid API token, and the flaw is being actively exploited in the wild against more than 12,000 Flowise instances exposed to the internet.
Solution / Mitigation
The vulnerability was fixed in version 3.0.6 of the Flowise npm package; upgrade to 3.0.6 or later. Because the only precondition for exploitation is a valid API token and the flaw is under active exploitation, operators of instances that were reachable from the internet before the upgrade should treat their API tokens as exposed and check those hosts for signs of compromise rather than assume the patch alone closes the incident.
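The following is an added illustration, not Flowise's own code or the patch: it reconstructs the class of bug the summary describes (a node configuration string handed to the JavaScript engine instead of a JSON parser) beside a strict-JSON replacement, and adds a small check for whether an installed version is at or past the 3.0.6 fix. The function names, the allowed configuration keys, the sample configuration and the payload are assumptions made for this example and are not taken from the Flowise source or from the advisory.

```javascript
// Added example, not Flowise's own code. It reconstructs the class of bug described
// above (a node configuration string evaluated as JavaScript) and a hardened
// replacement. Function names, the allowed config keys and the payload are
// assumptions for illustration, not taken from the Flowise source.

// VULNERABLE pattern: "lenient" parsing that tolerates JSON-ish input by handing the
// whole string to the JavaScript engine. Whatever the caller writes is executed on
// the server with the privileges of the Flowise process.
function parseServerConfigUnsafe(text) {
  return Function('"use strict"; return (' + text + ');')();
}

// HARDENED replacement: strict JSON only, then a shape check before the config can
// reach anything that spawns a process or opens a connection. No path evaluates
// caller-supplied text as code.
const ALLOWED_KEYS = new Set(['command', 'args', 'env', 'url']); // assumed schema

function parseServerConfigSafe(text) {
  let cfg;
  try {
    cfg = JSON.parse(text);
  } catch (e) {
    throw new Error('mcpServerConfig must be strict JSON');
  }
  if (typeof cfg !== 'object' || cfg === null || Array.isArray(cfg)) {
    throw new Error('mcpServerConfig must be a JSON object');
  }
  for (const key of Object.keys(cfg)) {
    if (!ALLOWED_KEYS.has(key)) throw new Error('unexpected key: ' + key);
  }
  if (cfg.command !== undefined && typeof cfg.command !== 'string') {
    throw new Error('command must be a string');
  }
  if (cfg.args !== undefined &&
      (!Array.isArray(cfg.args) || !cfg.args.every((a) => typeof a === 'string'))) {
    throw new Error('args must be an array of strings');
  }
  if (cfg.env !== undefined &&
      (typeof cfg.env !== 'object' || cfg.env === null || Array.isArray(cfg.env) ||
       !Object.values(cfg.env).every((v) => typeof v === 'string'))) {
    throw new Error('env must be an object of string values');
  }
  if (cfg.url !== undefined && typeof cfg.url !== 'string') {
    throw new Error('url must be a string');
  }
  return cfg;
}

// Is a Flowise version at or past the fix release named above (3.0.6)?
// Missing components count as 0; pre-release suffixes are ignored because
// parseInt stops at the first non-digit.
function isFixedVersion(version) {
  const fixed = [3, 0, 6];
  const parts = String(version).split('.').map((p) => parseInt(p, 10) || 0);
  for (let i = 0; i < fixed.length; i++) {
    const n = parts[i] || 0;
    if (n > fixed[i]) return true;
    if (n < fixed[i]) return false;
  }
  return true;
}

// Constructed inputs. The payload is a JavaScript comma expression: the first operand
// runs an arbitrary statement (here a harmless marker write instead of a shell
// command), the second evaluates to a plausible-looking config object so the node
// keeps working and nothing in the UI looks wrong.
const BENIGN = '{"command": "npx", "args": ["-y", "some-mcp-server"]}';
const PAYLOAD = '(globalThis.__mcp_rce_marker = "executed", {"command": "npx"})';

function runDemo() {
  delete globalThis.__mcp_rce_marker;
  const unsafe = parseServerConfigUnsafe(PAYLOAD); // attacker's statement runs here
  const unsafeRan = globalThis.__mcp_rce_marker === 'executed';

  let safeRejected = false;
  try {
    parseServerConfigSafe(PAYLOAD); // not JSON: rejected before anything executes
  } catch (e) {
    safeRejected = true;
  }
  const benign = parseServerConfigSafe(BENIGN);
  return {
    unsafeRan,
    unsafeCommand: unsafe.command,
    safeRejected,
    benignCommand: benign.command,
  };
}

console.log(runDemo());
```

Run it with `node`: the unsafe parser hands back a normal-looking config while the marker proves the embedded statement ran, and the hardened parser rejects the same input before anything executes. `Function()` provides no isolation (globals such as `process` remain reachable, so a real payload can spawn processes), and Node's `vm` module is documented as not being a security mechanism either; the only fix is to never evaluate caller-supplied text. The API-token requirement narrows who can reach the node, but every token holder, including any integration or shared automation account, gets code execution on the host.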
Original source: https://thehackernews.com/2026/04/flowise-ai-agent-builder-under-active.html
First tracked: April 7, 2026 at 02:01 AM
Classified by LLM (prompt v3) · confidence: 95%