Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed

April 06, 2026

Threat actors are exploiting a maximum-severity security flaw in Flowise, an open-source artificial intelligence (AI) platform, according to new findings from VulnCheck. The vulnerability in question is CVE-2025-59528 (CVSS score: 10.0), a code injection vulnerability that could result in remote code execution. "The CustomMCP node allows users to input configuration settings for connecting

from The Hacker News https://ift.tt/4Rw9p1b
via Cyber Security

Bitcoin Mining

Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed

Popular Feeds

Why Third-Party Risk Is the Biggest Gap in Your Clients' Security Posture

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

Citrix NetScaler Under Active Recon for CVE-2026-3055 (CVSS 9.3) Memory Overread Bug

Featured News

New GPUBreach Attack Enables Full CPU Privilege Escalation via GDDR6 Bit-Flips

Random Posts

Popular Posts

Why Third-Party Risk Is the Biggest Gap in Your Clients' Security Posture

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

Citrix NetScaler Under Active Recon for CVE-2026-3055 (CVSS 9.3) Memory Overread Bug

Bitcoin Mining

Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed

You may like these posts

Share

Popular Feeds

Why Third-Party Risk Is the Biggest Gap in Your Clients' Security Posture

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

Citrix NetScaler Under Active Recon for CVE-2026-3055 (CVSS 9.3) Memory Overread Bug

Featured News

New GPUBreach Attack Enables Full CPU Privilege Escalation via GDDR6 Bit-Flips

Random Posts

Popular Posts

Why Third-Party Risk Is the Biggest Gap in Your Clients' Security Posture

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

Citrix NetScaler Under Active Recon for CVE-2026-3055 (CVSS 9.3) Memory Overread Bug