PatchSiren cyber security CVE debrief

CVE-2026-46442 FlowiseAI CVE debrief

CVE-2026-46442 is a critical vulnerability in Flowise, a drag & drop user interface to build customized large language model flows. Prior to version 3.1.2, the POST /api/v1/node-custom-function endpoint lacks route-level authorization, allowing any authenticated user or API key to submit arbitrary JavaScript to the Custom JS Function node. When E2B_APIKEY is not configured, Flowise executes this code inside a NodeVM sandbox, which can be escaped to reach the host process object and execute system commands via child_process. This results in authenticated remote code execution on the Flowise server host.

Vendor: FlowiseAI
Product: Flowise
CVSS: CRITICAL 9.4
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-06-08
Original CVE updated: 2026-06-11
Advisory published: 2026-06-08
Advisory updated: 2026-06-11

Who should care

Users of Flowise, especially those who have not upgraded to version 3.1.2, should be aware of this critical vulnerability. Administrators of Flowise installations should prioritize upgrading to the patched version to prevent potential attacks.

Technical summary

The vulnerability exists in the POST /api/v1/node-custom-function endpoint, which allows arbitrary JavaScript submission to the Custom JS Function node without proper authorization. This can lead to authenticated remote code execution on the Flowise server host when E2B_APIKEY is not configured.

Defensive priority

High

Recommended defensive actions

  • Upgrade Flowise to version 3.1.2 or later.
  • Review and restrict access to the POST /api/v1/node-custom-function endpoint.
  • Configure E2B_APIKEY so that Custom JS Function code is no longer executed in the local NodeVM sandbox.
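As an added example (not part of this advisory or of the Flowise project), a defender-side triage script covering the three actions above: it compares the installed version against the 3.1.2 fix, checks whether E2B_APIKEY is unset so custom JS would run in the local NodeVM, and flags POST requests to the affected endpoint in access logs. The log line layout and the principal names in it are constructed assumptions, not real Flowise output.

```python
import re

# Fix version named in the advisory: releases before 3.1.2 are affected.
PATCHED_VERSION = (3, 1, 2)
# Endpoint named in the advisory that lacked route-level authorization.
VULN_ENDPOINT = "/api/v1/node-custom-function"

# Constructed access-log lines in a common-log-style layout (not real Flowise
# logs); the field layout and principal names are assumptions for this example.
SAMPLE_LOG = """\
10.0.0.5 - alice [08/Jun/2026:10:01:02 +0000] "POST /api/v1/chatflows HTTP/1.1" 200 512
10.0.0.9 - bob [08/Jun/2026:10:03:44 +0000] "POST /api/v1/node-custom-function HTTP/1.1" 200 88
10.0.0.9 - bob [08/Jun/2026:10:03:45 +0000] "GET /api/v1/node-custom-function HTTP/1.1" 404 0
10.0.0.12 - apikey-ci [08/Jun/2026:10:07:10 +0000] "POST /api/v1/node-custom-function/ HTTP/1.1" 500 0
"""

LOG_RE = re.compile(r'^(\S+) \S+ (\S+) \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3})')


def parse_version(text: str) -> tuple:
    """Turn '3.1.2' or 'v3.1.2-beta' into a comparable integer tuple."""
    core = text.lstrip("v").split("-")[0]
    return tuple(int(p) for p in core.split("."))


def is_vulnerable_version(version: str) -> bool:
    """True when the installed Flowise version predates the 3.1.2 fix."""
    return parse_version(version) < PATCHED_VERSION


def runs_local_nodevm(env: dict) -> bool:
    """Per the advisory, an unset E2B_APIKEY means custom JS runs in the local NodeVM."""
    return not env.get("E2B_APIKEY", "").strip()


def custom_function_posts(lines) -> list:
    """Return (principal, source_ip, status) for each POST to the custom-function endpoint."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        ip, principal, _ts, method, path, status = m.groups()
        # Normalise query strings and trailing slashes before comparing the route.
        if method == "POST" and path.split("?")[0].rstrip("/") == VULN_ENDPOINT:
            hits.append((principal, ip, int(status)))
    return hits
```

Run the checks against `os.environ`, the deployed version string, and the reverse proxy or application access log; any hit from a principal who should not be authoring Custom JS Function nodes warrants review.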

Evidence notes

The vulnerability was patched in version 3.1.2. Users can refer to the release notes [ref-4] and vendor advisory [ref-5] for more information.

Official resources

CVE-2026-46442 was published on 2026-06-08T16:16:41.347Z and modified on 2026-06-11T04:07:08.640Z.