PatchSiren cyber security CVE debrief
CVE-2026-43995 FlowiseAI CVE debrief
CVE-2026-43995 affects Flowise versions before 3.1.0. According to the vendor advisory and NVD, several tool implementations called raw HTTP clients directly instead of going through the secured wrapper, a weakness NVD maps to CWE-918. The issue is fixed in Flowise 3.1.0. With a CVSS 5.3 Medium score and network-based attack conditions, this is a practical patching and configuration review item for anyone exposing affected Flowise workflows.
- Vendor: FlowiseAI
- Product: Flowise
- CVSS: MEDIUM 5.3
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-05-11
- Original CVE updated: 2026-05-20
- Advisory published: 2026-05-11
- Advisory updated: 2026-05-20
Who should care
Flowise administrators, developers, and security teams should care, especially if the platform is exposed over the network or if workflows use the affected OpenAPIToolkit, WebScraperTool, MCP, or Arxiv tool implementations. Teams responsible for outbound-request controls, proxy policy, and supply-chain patching should prioritize validation and upgrade planning.
Technical summary
NVD records CVE-2026-43995 for Flowise with vulnerability status "Analyzed" and a CVSS 4.0 vector indicating network attack conditions, low privileges, and no user interaction. The vendor advisory states that prior to 3.1.0, multiple tools directly imported and invoked raw HTTP clients (node-fetch and axios) rather than using Flowise's secured wrapper. The affected implementations named in the advisory are OpenAPIToolkit/OpenAPIToolkit.ts, WebScraperTool/WebScraperTool.ts, MCP/core.ts, and Arxiv/core.ts. NVD associates the issue with CWE-918 (Server-Side Request Forgery) and lists the affected version range as all Flowise versions before 3.1.0.
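A quick way to confirm whether a deployed tree still carries the pattern the advisory describes is to scan the four named tool files for direct node-fetch or axios imports. The script below is an added example for this debrief, not Flowise project code; the four relative paths come from the advisory, while the file contents in the sample tree are constructed for illustration and the wrapper module name in them is hypothetical.

```javascript
// Added example (not Flowise code): audit the tool files named in the advisory for
// direct node-fetch / axios usage. Paths are from the advisory; the sample tree is
// constructed here and does not reproduce real Flowise source.

const AFFECTED_FILES = [
  'OpenAPIToolkit/OpenAPIToolkit.ts',
  'WebScraperTool/WebScraperTool.ts',
  'MCP/core.ts',
  'Arxiv/core.ts',
];

// Matches ESM imports ("import x from 'axios'") and CommonJS requires
// ("const f = require('node-fetch')") at the start of a line, so that
// commented-out lines ("// import ...") are not counted.
const RAW_CLIENT_RE =
  /^\s*(?:import\b.*?\bfrom\s*['"](node-fetch|axios)['"]|(?:const|let|var)\s+.*?=\s*require\(\s*['"](node-fetch|axios)['"]\s*\))/gm;

// Returns the raw client names imported by one source file, in order of appearance.
function findRawClientImports(source) {
  const hits = [];
  for (const m of source.matchAll(RAW_CLIENT_RE)) {
    hits.push(m[1] || m[2]);
  }
  return hits;
}

// Audits a {relativePath: fileContents} map and reports one row per affected file.
// 'missing' means the file was not present in the tree that was handed in.
function auditTree(files) {
  const report = [];
  for (const relPath of AFFECTED_FILES) {
    const source = files[relPath];
    if (source === undefined) {
      report.push({ file: relPath, status: 'missing' });
      continue;
    }
    const clients = findRawClientImports(source);
    report.push({ file: relPath, status: clients.length ? 'raw-client' : 'clean', clients });
  }
  return report;
}

// Constructed sample tree. '../../src/httpSecurity' is a hypothetical wrapper
// module name chosen for this example only; Arxiv/core.ts is left out on purpose
// to exercise the 'missing' case.
const sampleTree = {
  'OpenAPIToolkit/OpenAPIToolkit.ts':
    "import axios from 'axios'\nexport async function call(url) { return axios.get(url) }\n",
  'WebScraperTool/WebScraperTool.ts':
    "import { secureFetch } from '../../src/httpSecurity'\nexport const scrape = (u) => secureFetch(u)\n",
  'MCP/core.ts':
    "const fetch = require('node-fetch')\nmodule.exports = { fetch }\n",
};

for (const row of auditTree(sampleTree)) {
  console.log(`${row.file}: ${row.status}${row.clients?.length ? ' (' + row.clients.join(', ') + ')' : ''}`);
}
```

On a real checkout you would build the map by reading each path with `fs.readFileSync` relative to the directory that holds the tool nodes; a 'raw-client' row on any of the four files is a sign the build predates the 3.1.0 fix, while 'clean' on all four is consistent with, but not proof of, a patched build (the version check still matters).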
Defensive priority
Medium priority. The issue is externally reachable in typical networked deployments and is fixed in Flowise 3.1.0, so affected environments should upgrade promptly and confirm that outbound request handling is using the secured wrapper path.
Recommended defensive actions
- Upgrade Flowise to version 3.1.0 or later.
- Review whether your deployments use the affected tool implementations: OpenAPIToolkit, WebScraperTool, MCP, and Arxiv.
- Verify outbound HTTP controls, proxy policy, and allowlists for any Flowise-hosted workflows that can initiate requests.
- Check logs and monitoring for unexpected outbound request patterns originating from Flowise before and after patching.
- Track the vendor advisory and NVD entry for any additional guidance or revisions.
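The steps above (confirm the fixed version, enforce an outbound allowlist, review logs for unexpected destinations) can be scripted together. The code below is an added example for this debrief, not Flowise code; it does not reproduce the secured wrapper's actual logic. The allowlist hosts, the proxy log line format and the sample log lines are all constructed for the example.

```javascript
// Added example (not Flowise code): version check, outbound-request policy and a
// log review built on that same policy. Allowlist entries, log format and sample
// log lines are assumptions constructed for this example.

// 3.1.0 is the fixed version named in the advisory.
const FIXED_VERSION = [3, 1, 0];

// True when `version` is 3.1.0 or later (numeric, segment-by-segment compare).
function isFixedVersion(version) {
  const parts = version.replace(/^v/, '').split('.').map(Number);
  for (let i = 0; i < FIXED_VERSION.length; i++) {
    const have = parts[i] || 0;
    if (have !== FIXED_VERSION[i]) return have > FIXED_VERSION[i];
  }
  return true;
}

// Hosts a Flowise workflow is expected to reach (assumed values for the example).
const OUTBOUND_ALLOWLIST = ['api.example.com', 'docs.example.org'];

// Loopback, RFC 1918, link-local and "this network" IPv4 ranges.
function isPrivateIPv4(host) {
  const m = host.match(/^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/);
  if (!m) return false;
  const a = Number(m[1]);
  const b = Number(m[2]);
  return a === 0 || a === 10 || a === 127 || (a === 169 && b === 254) ||
    (a === 172 && b >= 16 && b <= 31) || (a === 192 && b === 168);
}

// Decides whether one outbound URL is acceptable under the policy: http(s) only,
// no internal addresses, and the host must be on the allowlist.
function evaluateOutbound(rawUrl, allowlist = OUTBOUND_ALLOWLIST) {
  let url;
  try {
    url = new URL(rawUrl);
  } catch {
    return { allowed: false, reason: 'unparseable' };
  }
  if (url.protocol !== 'https:' && url.protocol !== 'http:') {
    return { allowed: false, reason: 'scheme' };
  }
  // WHATWG URL keeps IPv6 hostnames in brackets; strip them for the checks below.
  const host = url.hostname.replace(/^\[|\]$/g, '');
  if (host === 'localhost' || host.endsWith('.localhost') || host === '::1' || isPrivateIPv4(host)) {
    return { allowed: false, reason: 'internal-address' };
  }
  if (!allowlist.includes(host)) {
    return { allowed: false, reason: 'not-allowlisted' };
  }
  return { allowed: true, reason: 'allowlisted' };
}

// Applies the same policy to proxy log lines of the assumed form
// "<timestamp> <source> <method> <url> <status>" and returns the violations.
function flagUnexpectedOutbound(logLines, allowlist = OUTBOUND_ALLOWLIST) {
  const flagged = [];
  for (const line of logLines) {
    const m = line.match(/^(\S+) (\S+) (\S+) (\S+) (\d{3})$/);
    if (!m) continue;
    const verdict = evaluateOutbound(m[4], allowlist);
    if (!verdict.allowed) {
      flagged.push({ time: m[1], source: m[2], url: m[4], reason: verdict.reason });
    }
  }
  return flagged;
}

// Constructed sample log: two expected destinations, one internal address,
// one host that is not on the allowlist.
const sampleProxyLog = [
  '2026-05-12T10:01:02Z flowise GET https://api.example.com/v1/items 200',
  '2026-05-12T10:01:07Z flowise GET http://10.20.30.40:8080/status 200',
  '2026-05-12T10:01:09Z flowise POST https://docs.example.org/search 200',
  '2026-05-12T10:01:15Z flowise GET https://unknown.example.net/hook 404',
];

console.log('3.0.4 fixed?', isFixedVersion('3.0.4'), '| 3.1.0 fixed?', isFixedVersion('3.1.0'));
for (const f of flagUnexpectedOutbound(sampleProxyLog)) {
  console.log(`${f.time} ${f.source} -> ${f.url} [${f.reason}]`);
}
```

Two design notes: the policy checks the hostname as written, so a name that resolves to an internal address would pass the allowlist test; a production wrapper should also validate the resolved addresses at connection time. And running the log review both before and after the upgrade, as the action list suggests, gives a baseline of which flagged destinations were already present and which disappear once the tools go through the secured wrapper.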
Evidence notes
All claims are grounded in the supplied NVD record and the linked GitHub security advisory. The published date used here is the CVE publish time provided in the source corpus (2026-05-11T18:16:37.660Z), and the modified date is 2026-05-20T18:41:54.780Z. The fix version (3.1.0), affected tool filenames, CWE-918 mapping, and CVSS details come from the supplied source metadata and description.
Official resources
- CVE-2026-43995 CVE record (CVE.org)
- CVE-2026-43995 NVD detail (NVD)
- Source item URL: nvd_modified
- Mitigation or vendor reference: [email protected] - Exploit, Mitigation, Vendor Advisory
Publicly disclosed on 2026-05-11 and updated on 2026-05-20. The vendor advisory indicates the issue is fixed in Flowise 3.1.0.