GHSA-2x8m-83vc-6wv4: Flowise: SSRF Protection Bypass (TOCTOU & Default Insecure)
Summary
Flowise contains security flaws in its SSRF (server-side request forgery, where an attacker tricks a server into making requests to internal systems) protection code. Two main issues exist: by default, the deny list is not enforced unless an environment variable is set, so requests to localhost are allowed; and attackers can use DNS rebinding (a TOCTOU, time-of-check time-of-use, problem, where a domain's IP address changes between when the server checks it and when it connects) to bypass the IP validation checks.
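To make the two flaw classes concrete, here is an added illustration that is not Flowise's code and makes no claim about how Flowise implements its guard: a generic "check, then resolve again" target selector beside a hardened version that fails closed by default and pins the address it validated. The function names, the deny-list contents, the injected resolver and the hostname app.invalid are all constructed for the example so it runs offline.

```python
import ipaddress
import socket
from typing import Callable, Iterable

# Constructed deny list of ranges an SSRF guard should refuse: unspecified, loopback,
# RFC 1918 private, link-local (including cloud metadata endpoints) and IPv6 equivalents.
DENIED_NETWORKS = [ipaddress.ip_network(cidr) for cidr in (
    "0.0.0.0/8", "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12",
    "192.168.0.0/16", "169.254.0.0/16",
    "::/128", "::1/128", "fc00::/7", "fe80::/10",
)]

def ip_is_denied(ip: str) -> bool:
    """True if the literal IP falls inside any denied range (mixed-version checks are False)."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in DENIED_NETWORKS)

# A resolver maps a hostname to its current list of IP strings. It is injected so the
# example runs without network access; system_resolver is what production code would pass.
Resolver = Callable[[str], list[str]]

def system_resolver(host: str) -> list[str]:
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})

def pick_target_vulnerable(host: str, resolver: Resolver, deny_list_enabled: bool = False) -> str:
    """Both flaw classes from the advisory, in generic form (hypothetical, not Flowise code):
    1. deny_list_enabled defaults to False (the environment-variable gate), so the
       check is skipped unless the operator opted in;
    2. the host is resolved once to check and again to connect, so a DNS answer that
       changes in between (rebinding) passes the check and is then used."""
    if deny_list_enabled:
        for ip in resolver(host):          # time of check
            if ip_is_denied(ip):
                raise PermissionError(f"denied: {host} -> {ip}")
    return resolver(host)[0]               # time of use: a second, independent lookup

def pick_target_hardened(host: str, resolver: Resolver, deny_list_enabled: bool = True) -> str:
    """Fail-closed default plus a single resolution: the address that passed the check
    is the address handed to the connection (IP pinning)."""
    addrs = resolver(host)
    if not addrs:
        raise PermissionError(f"unresolvable host: {host}")
    if deny_list_enabled:
        for ip in addrs:                   # every answer must pass, not just the first
            if ip_is_denied(ip):
                raise PermissionError(f"denied: {host} -> {ip}")
    return addrs[0]                        # caller connects to this literal IP

class RebindingResolver:
    """Constructed resolver that returns a different answer on each call, modelling a
    DNS record whose short TTL lets it flip between two lookups."""
    def __init__(self, answers: Iterable[str]):
        self._answers = list(answers)
        self.calls = 0
    def __call__(self, host: str) -> list[str]:
        self.calls += 1
        return [self._answers[min(self.calls, len(self._answers)) - 1]]

def demo() -> dict[str, str]:
    """Run both implementations; 203.0.113.10 is from TEST-NET-3, a documentation range
    used here as the constructed 'public' answer."""
    results = {}
    # 1. Default-insecure: the gate is off, so a loopback answer goes straight through.
    results["vuln_default"] = pick_target_vulnerable("app.invalid", lambda h: ["127.0.0.1"])
    # 2. Deny list on, but the second lookup returns loopback: TOCTOU bypass.
    results["vuln_rebind"] = pick_target_vulnerable(
        "app.invalid", RebindingResolver(["203.0.113.10", "127.0.0.1"]), deny_list_enabled=True)
    # 3. Hardened: one lookup, pinned answer; the later flip never matters.
    r = RebindingResolver(["203.0.113.10", "127.0.0.1"])
    results["hardened_rebind"] = pick_target_hardened("app.invalid", r)
    results["hardened_lookups"] = str(r.calls)
    # 4. Hardened with a direct loopback answer: refused without any opt-in.
    try:
        pick_target_hardened("app.invalid", lambda h: ["127.0.0.1"])
        results["hardened_loopback"] = "allowed"
    except PermissionError:
        results["hardened_loopback"] = "refused"
    return results

if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Pinning the validated IP only closes the gap if the HTTP client actually connects to that literal address while still sending the original hostname in the Host header (and verifying the TLS certificate against the hostname); each redirect hop must go through the same resolve-check-pin step, since a redirect is just another hostname the attacker controls.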
Original source: https://github.com/advisories/GHSA-2x8m-83vc-6wv4
First tracked: April 17, 2026 at 02:00 AM
Classified by LLM (prompt v3) · confidence: 92%