Hackers exploit a critical Flowise flaw affecting thousands of AI workflows
Summary
Flowise, a low-code platform for building custom AI workflows, has a critical vulnerability (CVE-2025-59528, CVSS 10.0) in which attackers can inject malicious JavaScript code through improperly validated configurations in the Custom MCP node (a plugin that lets AI agents connect to external tools). Hackers have been exploiting this flaw against thousands of exposed Flowise instances since April 6, 2025.
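An added example, not Flowise's code and not taken from the original article: the defect class described above is avoided when a node configuration is parsed strictly as data and checked against an allow-list before use. The field names (command, args, env, url), the command allow-list and both sample inputs are assumptions made for illustration.

```javascript
// Added example. Field names and the command allow-list are assumptions,
// not Flowise's actual schema.
const ALLOWED_KEYS = new Set(["command", "args", "env", "url"]);
const ALLOWED_COMMANDS = new Set(["npx", "node", "uvx"]); // hypothetical
const own = (o, k) => Object.prototype.hasOwnProperty.call(o, k);
const isPlainObject = (v) => v !== null && typeof v === "object" && !Array.isArray(v);
const fail = (error) => ({ ok: false, error });

// Constructed samples: a valid config, and a JavaScript expression posing as one.
const SAMPLE_OK = '{"command":"npx","args":["-y","example-mcp-server"]}';
const SAMPLE_EXPR = '({command:"npx",args:[(globalThis.__evaluated = true)]})';

function parseMcpConfig(text) {
  if (typeof text !== "string" || text.length > 16384) return fail("bad input type or size");
  let cfg;
  try {
    cfg = JSON.parse(text); // data only: expressions and calls are syntax errors
  } catch {
    return fail("not valid JSON");
  }
  if (!isPlainObject(cfg)) return fail("config must be an object");
  for (const key of Object.keys(cfg)) {
    if (!ALLOWED_KEYS.has(key)) return fail(`unexpected key: ${key}`);
  }
  if (own(cfg, "command") === own(cfg, "url")) return fail("need exactly one of command, url");
  if (own(cfg, "command") && !ALLOWED_COMMANDS.has(cfg.command)) {
    return fail("command not on allow-list");
  }
  if (own(cfg, "url")) {
    if (typeof cfg.url !== "string") return fail("url must be a string");
    let u;
    try { u = new URL(cfg.url); } catch { return fail("url is not parseable"); }
    if (u.protocol !== "https:") return fail("url must use https");
  }
  const args = own(cfg, "args") ? cfg.args : [];
  if (!Array.isArray(args) || !args.every((a) => typeof a === "string")) {
    return fail("args must be an array of strings");
  }
  const env = own(cfg, "env") ? cfg.env : {};
  if (!isPlainObject(env) || !Object.values(env).every((v) => typeof v === "string")) {
    return fail("env must map names to strings");
  }
  return { ok: true, config: { ...cfg, args, env } };
}

console.log(parseMcpConfig(SAMPLE_OK));
console.log(parseMcpConfig(SAMPLE_EXPR));
```

The second sample is rejected at the JSON.parse step, so the expression embedded in it is never evaluated.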
Solution / Mitigation
The flaw was patched in Flowise version 3.0.6. Users should upgrade to version 3.0.6 or later, with the latest version being 3.1.1 (released last month).
Original source: https://www.csoonline.com/article/4155680/hackers-exploit-a-critical-flowise-flaw-affecting-thousands-of-ai-workflows.html
First tracked: April 8, 2026 at 02:00 PM