Executive Summary

CVE-2026-30821 is a critical vulnerability in Flowise, a drag & drop user interface for building customized large language model flows. The issue exists in the unauthenticated file upload endpoint /api/v1/attachments/:chatflowId/:chatId, which is whitelisted to bypass authentication.

The server attempts to validate uploaded files based on MIME types provided by the client in the Content-Type header, but it does not verify the actual file content or file extension. This allows an attacker to spoof the MIME type (for example, pretending a malicious script is a PDF) and upload arbitrary files.

Uploaded files are stored persistently in backend storage such as local disk, Amazon S3, or Google Cloud Storage without proper validation. This flaw can be exploited to upload malicious scripts or files that can lead to remote code execution, stored cross-site scripting (XSS), or malicious file hosting.

Useful 0 Not Useful 0

Impact Analysis

[{'type': 'paragraph', 'content': 'This vulnerability can have severe impacts including:'}, {'type': 'list_item', 'content': 'Remote Code Execution (RCE): Attackers can upload malicious scripts or web shells that execute on the server, potentially leading to full system compromise.'}, {'type': 'list_item', 'content': "Stored Cross-Site Scripting (XSS): Malicious HTML or SVG files can be uploaded and later executed in users' browsers, risking session theft or account takeover."}, {'type': 'list_item', 'content': 'Malicious File Hosting: Attackers can host arbitrary malicious files on shared backend storage or static hosting features, potentially affecting other users or infrastructure.'}] [2]

Useful 0 Not Useful 0

Compliance Impact

I don't know

Useful 0 Not Useful 0

Detection Guidance

[{'type': 'paragraph', 'content': "This vulnerability can be detected by monitoring and inspecting uploads to the unauthenticated endpoint /api/v1/attachments/:chatflowId/:chatId for suspicious files that have spoofed MIME types. Since the server trusts the client-provided Content-Type header without verifying the actual file content or extension, detection involves checking for files where the MIME type does not match the file's magic bytes or extension."}, {'type': 'paragraph', 'content': 'Commands to detect this may include:'}, {'type': 'list_item', 'content': 'Using network traffic inspection tools (e.g., tcpdump, Wireshark) to capture HTTP POST requests to the vulnerable endpoint and analyze the Content-Type headers and file payloads.'}, {'type': 'list_item', 'content': "On the server, listing recently uploaded files and verifying their actual file types using the 'file' command (which checks magic bytes), for example: file <uploaded_filename>"}, {'type': 'list_item', 'content': "Searching for suspicious file extensions or files that do not match their MIME type, e.g., using find and file commands: find /path/to/uploads -type f -exec file {} \\; | grep -v 'expected_mime_type'"}, {'type': 'list_item', 'content': 'Checking server logs for unauthenticated POST requests to the /api/v1/attachments endpoint.'}] [2]

Useful 0 Not Useful 0

Mitigation Strategies

Immediate mitigation steps include:

• Upgrade Flowise to version 3.0.13 or later, where the vulnerability has been patched by adding proper MIME type and file extension validation for uploads.
• Restrict or disable unauthenticated access to the /api/v1/attachments/:chatflowId/:chatId endpoint to prevent arbitrary file uploads.
• Implement server-side validation that verifies the actual content of uploaded files (magic bytes) and enforces allowed file extensions, rather than trusting client-supplied MIME types.
• Review and clean existing uploaded files for any suspicious or malicious content.
• Monitor logs for unusual upload activity and consider adding additional authentication or rate limiting to file upload endpoints.

Useful 0 Not Useful 0