Max severity Flowise RCE vulnerability now exploited in attacks
Summary
Hackers are actively exploiting CVE-2025-59528, a critical vulnerability in Flowise (an open-source platform for building AI agents and custom LLM applications). The flaw allows arbitrary JavaScript code to be injected without validation through the CustomMCP node. It was publicly disclosed in September, affects thousands of instances exposed on the internet, and enables attackers to execute commands and access files on vulnerable systems.
Solution / Mitigation
Upgrade to Flowise version 3.1.1 or at least version 3.0.6 as soon as possible. Additionally, consider removing Flowise instances from the public internet if external access is not required.
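The mitigation above has two parts: a version floor (3.0.6, with 3.1.1 recommended) and an exposure question (is the instance reachable from the internet at all). The script below is an added example, not code from the article or the Flowise project: it applies both checks to a constructed inventory of Flowise hosts. The fixed-version numbers come from the advisory text; the inventory format (host, reported version, internet-exposed flag) and the sample hosts are assumptions made for this example, and how you collect real versions (a CMDB export, an API probe) is left to the reader.

```python
"""Triage a Flowise inventory against the CVE-2025-59528 advisory.

Added example, not from the original article or the Flowise project.
The version floor (3.0.6) and recommended release (3.1.1) are taken from
the advisory text; the inventory layout and sample hosts are constructed.
"""
from dataclasses import dataclass

FIXED_FLOOR = (3, 0, 6)   # advisory: "at least version 3.0.6"
RECOMMENDED = (3, 1, 1)   # advisory: "Upgrade to Flowise version 3.1.1"


def parse_version(v: str) -> tuple:
    """Turn 'v3.0.5', '3.1.1-rc1' or '3.1' into a comparable int tuple.

    Pre-release/build suffixes are dropped; missing components become 0.
    Raises ValueError on anything that is not dotted integers.
    """
    core = v.strip().lstrip("vV").split("-", 1)[0].split("+", 1)[0]
    parts = core.split(".")
    out = []
    for p in parts:
        if not p.isdigit():
            raise ValueError(f"unparseable version: {v!r}")
        out.append(int(p))
    while len(out) < 3:
        out.append(0)
    return tuple(out)


def is_vulnerable(version: str) -> bool:
    """True when the reported version is below the advisory's fixed floor."""
    return parse_version(version) < FIXED_FLOOR


@dataclass
class Instance:
    host: str              # constructed hostname
    version: str           # version string as reported by the instance
    internet_exposed: bool # reachable from the public internet?


def triage(inventory):
    """Return [(host, priority, findings)] for every instance that needs action.

    priority: "urgent" = vulnerable AND internet-exposed,
              "high"   = vulnerable but internal only,
              "review" = patched but still exposed or below the recommended release.
    """
    report = []
    for inst in inventory:
        findings = []
        vuln = is_vulnerable(inst.version)
        if vuln:
            findings.append(
                f"vulnerable to CVE-2025-59528 ({inst.version} < 3.0.6): upgrade to 3.1.1")
        elif parse_version(inst.version) < RECOMMENDED:
            findings.append(
                f"patched ({inst.version} >= 3.0.6) but below recommended 3.1.1")
        if inst.internet_exposed:
            findings.append(
                "reachable from the internet: remove public exposure "
                "if external access is not required")
        if not findings:
            continue
        if vuln:
            priority = "urgent" if inst.internet_exposed else "high"
        else:
            priority = "review"
        report.append((inst.host, priority, findings))
    # Most urgent first so the on-call engineer sees the worst items at the top.
    order = {"urgent": 0, "high": 1, "review": 2}
    report.sort(key=lambda r: order[r[1]])
    return report


# Constructed sample inventory (hostnames and versions are made up).
SAMPLE_INVENTORY = [
    Instance("flowise-prod.example.internal", "3.0.5", True),
    Instance("flowise-dev.example.internal", "v2.2.8", False),
    Instance("flowise-lab.example.internal", "3.0.6", True),
    Instance("flowise-new.example.internal", "3.1.1", False),
]

if __name__ == "__main__":
    for host, priority, findings in triage(SAMPLE_INVENTORY):
        print(f"[{priority}] {host}")
        for f in findings:
            print(f"    - {f}")
```

The comparison is deliberately on the advisory's floor (3.0.6) rather than only on 3.1.1, so an instance that took the minimum fix is reported as patched but flagged for the recommended upgrade; an exposed-and-vulnerable host sorts to the top of the output.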
Classification
Affected Vendors
Original source: https://www.bleepingcomputer.com/news/security/max-severity-flowise-rce-vulnerability-now-exploited-in-attacks/
First tracked: April 7, 2026 at 02:01 PM