Remote Code Execution Vulnerability in Flowise by FlowiseAI
CVE-2025-59528

10 CRITICAL

Key Information:

Vendor: Flowiseai
Status: Vendor
CVE Published: 22 September 2025

What is CVE-2025-59528?

Flowise, a user-friendly platform for building customized large language model (LLM) flows, has a critical vulnerability in version 3.0.5 that allows remote code execution. The flaw lies in the CustomMCP node, where user input is not adequately sanitized: the mcpServerConfig string is parsed and evaluated directly as JavaScript via the Function() constructor, without any security checks. An attacker can therefore execute arbitrary JavaScript code with full privileges, gaining access to sensitive and potentially dangerous system resources such as child processes and the file system. Users are urged to upgrade to version 3.0.6, which includes the patch that remediates this vulnerability.
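The pattern described above, as an added example that is not Flowise's own code: a config parser that evaluates its input with the Function() constructor, beside a hardened version that treats the string strictly as JSON data and validates its shape before use. The function names, the allowed keys and the sample inputs are assumptions for illustration, not the project's actual field layout or its fix.

```javascript
// Added example (not Flowise code). Function names, allowed keys and the
// sample inputs below are assumptions chosen to illustrate the pattern.

// Risky pattern: the config string is handed to the Function() constructor,
// so any JavaScript expression inside it runs in the server process.
function parseMcpConfigUnsafe(configText) {
  return new Function("return (" + configText + ");")();
}

// Hardened pattern: JSON.parse treats the input as data and evaluates nothing;
// the result is then checked against an explicit allow-list of keys and types.
const ALLOWED_KEYS = new Set(["command", "args", "env"]);

function parseMcpConfigSafe(configText) {
  if (typeof configText !== "string" || configText.length > 64 * 1024) {
    throw new Error("config must be a string under 64 KiB");
  }
  let obj;
  try {
    obj = JSON.parse(configText);
  } catch (e) {
    throw new Error("config is not valid JSON: " + e.message);
  }
  if (obj === null || typeof obj !== "object" || Array.isArray(obj)) {
    throw new Error("config must be a JSON object");
  }
  for (const key of Object.keys(obj)) {
    if (!ALLOWED_KEYS.has(key)) throw new Error("unexpected key: " + key);
  }
  if (typeof obj.command !== "string") throw new Error("command must be a string");
  const args = obj.args ?? [];
  if (!Array.isArray(args) || !args.every((a) => typeof a === "string")) {
    throw new Error("args must be an array of strings");
  }
  const env = obj.env ?? {};
  if (env === null || typeof env !== "object" || Array.isArray(env) ||
      !Object.values(env).every((v) => typeof v === "string")) {
    throw new Error("env must be an object of string values");
  }
  return { command: obj.command, args, env };
}

// Constructed sample inputs: a plain JSON config, and a string that is not
// JSON but a JavaScript expression. The unsafe parser evaluates the
// expression ("no" + "de" becomes "node"); the safe parser rejects it.
const SAMPLE_JSON = '{"command": "node", "args": ["server.js"]}';
const SAMPLE_EXPR = '{"command": "no" + "de"}';

// Returns true when the safe parser rejects the given text.
function safeRejects(text) {
  try { parseMcpConfigSafe(text); return false; } catch (e) { return true; }
}
```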

Affected Version(s)

Flowise = 3.0.5

References

CVSS V3.1

Score: 10
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Changed

Timeline

  • Vulnerability published

  • Vulnerability reserved