GHSA-hp26-q66v-q2w7: FlowiseAI has Mass Assignment in Assistant Update Endpoint that Allows Cross-Workspace Resource Reassignment
highvulnerability
security
Source: GitHub Advisory DatabaseMay 14, 2026
Summary
FlowiseAI has a mass assignment vulnerability (a flaw where a server accepts fields it shouldn't let users modify) in its assistant update endpoint that lets authenticated users change server-controlled properties like workspaceId, createdDate, and updatedDate. Because the server lacks proper validation and authorization checks, an attacker can reassign assistants to different workspaces, potentially breaking the isolation between separate workspaces in multi-tenant environments (systems serving multiple independent organizations).
Classification
Attack Type
Supply Chain
Attack SophisticationTrivial
Impact (CIA+S)
integrityconfidentiality
Affected Vendors
LangChain
Affected Packages
flowise@<= 3.1.1 (fixed: 3.1.2)
Related Issues
Monthly digest — independent AI security research
Original source: https://github.com/advisories/GHSA-hp26-q66v-q2w7
First tracked: May 14, 2026 at 02:00 PM
Classified by LLM (prompt v3) · confidence: 85%