CVE-2026-46478

Flowise is a drag & drop user interface to build a customized large language model flow

Published: 2026-06-08 · Last updated: 2026-06-09

Severity and scoring

CWE: CWE-915

Description

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, DatasetRow create and update mass-assignment allows cross-workspace row takeover. This issue has been patched in version 3.1.2.

Source: NVD

References

Related CVEs

Same CWE

CVE-2026-46517 — LMDeploy is a toolkit for compressing, deploying, and serving large language models (7.8 HIGH)
CVE-2026-46480 — Flowise is a drag & drop user interface to build a customized large language model flow (8.8 HIGH)
CVE-2026-46479 — Flowise is a drag & drop user interface to build a customized large language model flow
CVE-2026-46477 — Flowise is a drag & drop user interface to build a customized large language model flow
CVE-2026-46476 — Flowise is a drag & drop user interface to build a customized large language model flow