CVE-2025-59434
BaseFortify
Publication date: 2025-09-22
Last updated on: 2025-09-22
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| flowiseai | flowise | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-200 | The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. |
| CWE-284 | The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-59434 is a critical vulnerability in the cloud-hosted version of Flowise, a drag & drop interface for building large language model flows. It allows any authenticated user on the free tier to access sensitive environment variables from other tenants via the Custom JavaScript Function node. This happens because the $vars object in the JavaScript execution context mistakenly includes environment variables from all tenants instead of just the current workspace. As a result, secrets like OpenAI API keys, AWS credentials, and Google Cloud secrets can be exposed to unauthorized users. [1]
How can this vulnerability impact me? :
This vulnerability can lead to severe impacts including leakage of sensitive credentials such as API keys and tokens, unauthorized use of paid third-party services (OpenAI, AWS, Google, etc.), access to internal database URIs, and potential lateral movement within the system. It can result in full cross-tenant data exposure and compromise of user data, making it a critical security risk. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by creating a free-tier Flowise Cloud account and sending a crafted POST request to the /api/v1/node-custom-function endpoint with a JavaScript payload that enumerates the keys of the $vars object. This payload will reveal environment variable names and their values, including those from other tenants. For example, you can use a curl command to send such a POST request with a payload that returns Object.keys($vars) or similar JavaScript code to check if cross-tenant variables are accessible. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include upgrading to the patched version of Flowise Cloud released in August 2025, which fixes the issue. Additionally, revoke and rotate any potentially leaked credentials such as OpenAI API keys, AWS credentials, Supabase tokens, and Google Cloud secrets. Restrict access to the affected endpoints and monitor for suspicious activity. Urgent remediation is strongly recommended to prevent abuse and data compromise. [1]