Flowise: Assistant create+update mass-assignment allows cross-workspace assistant takeover
CVE-2026-46475
7.7HIGH
What is CVE-2026-46475?
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, assistant create and update mass-assignment allows cross-workspace assistant takeover. This issue has been patched in version 3.1.2.
Affected Version(s)
Flowise < 3.1.2