GHSA-5wxp-qjgq-fx6m: FlowiseAI has Mass Assignment in Chatflow Update Endpoint that Allows Cross-Workspace AgentFlow Reassignment
Summary
FlowiseAI has a mass assignment vulnerability (a flaw where an attacker can modify server-controlled fields by including them in their input) in its chatflow update endpoint that allows authenticated users to change protected properties like workspaceId, deployed status, and visibility settings. An attacker can reassign chatflows to other workspaces and modify deployment or visibility settings without authorization because the server doesn't validate which fields should be editable.
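The pattern described in the summary, shown beside an allowlist-based fix. This is an added example, not code from FlowiseAI or the advisory. The functions, the in-memory record, and every field name other than workspaceId (`deployed`, `isPublic`, `name`, `flowData`) are assumptions made for illustration.

```javascript
// Added example: hypothetical chatflow record and field names, not Flowise code.
const EDITABLE_FIELDS = new Set(['name', 'flowData']); // assumed client-editable fields

// Constructed sample record owned by workspace "ws-a".
function sampleChatflow() {
  return { id: 'cf-1', name: 'Support bot', flowData: '{}',
           workspaceId: 'ws-a', deployed: false, isPublic: false };
}

// Vulnerable pattern: the whole request body is merged into the stored record,
// so server-controlled fields present in the body overwrite the stored values.
function updateChatflowNaive(existing, body) {
  return Object.assign({}, existing, body);
}

// Hardened pattern: check workspace ownership first, then accept only
// allowlisted fields. Protected or unknown keys are rejected, not silently
// dropped, so the attempt shows up as a 400 in request logs.
function updateChatflowSafe(existing, body, callerWorkspaceId) {
  if (existing.workspaceId !== callerWorkspaceId) {
    return { ok: false, status: 403, error: 'chatflow belongs to another workspace' };
  }
  const rejected = Object.keys(body).filter((k) => !EDITABLE_FIELDS.has(k));
  if (rejected.length > 0) {
    return { ok: false, status: 400, error: 'non-editable fields: ' + rejected.join(', ') };
  }
  const updated = Object.assign({}, existing);
  for (const key of Object.keys(body)) updated[key] = body[key];
  return { ok: true, status: 200, chatflow: updated };
}

// Constructed request body mixing a legitimate edit with protected fields.
const mixedBody = { name: 'Renamed', workspaceId: 'ws-b', deployed: true, isPublic: true };

function demo() {
  return {
    naive: updateChatflowNaive(sampleChatflow(), mixedBody),
    safeMixed: updateChatflowSafe(sampleChatflow(), mixedBody, 'ws-a'),
    safeClean: updateChatflowSafe(sampleChatflow(), { name: 'Renamed' }, 'ws-a'),
    safeForeign: updateChatflowSafe(sampleChatflow(), { name: 'x' }, 'ws-b'),
  };
}

console.log(JSON.stringify(demo(), null, 2));
```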
Vulnerability Details
EPSS: 0.0%
May 14, 2026
Original source: https://github.com/advisories/GHSA-5wxp-qjgq-fx6m
First tracked: May 14, 2026 at 02:00 PM