MEDIUM
FlowiseAI
CVE published 2026-05-11
CVE-2026-43995
CVE-2026-43995 affects Flowise versions before 3.1.0. According to the vendor advisory and NVD, several tool implementations used raw HTTP clients directly instead of the secured wrapper, which NVD maps to CWE-918. The issue is fixed in Flowise 3.1.0. With a CVSS 5.3 Medium score and network-based attack conditions, this is a practical patching and configuration review item for anyone exposing affected Fl [truncated]