CVE-2025-71338
Analyzed Analyzed - Analysis Complete

Path Traversal in Flowise AI Application

Vulnerability report for CVE-2025-71338, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-06-25

Last updated on: 2026-07-01

Assigner: VulnCheck

Description

Flowise contains a path traversal vulnerability in the /api/v1/document-store/loader/process endpoint that allows unauthenticated attackers to write arbitrary files to the filesystem. Attackers can exploit unsanitized fileName parameters with ../ sequences to overwrite critical files like package.json and achieve remote code execution when the application restarts.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-25
Last Modified
2026-07-01
Generated
2026-07-16
AI Q&A
2026-06-26
EPSS Evaluated
2026-07-15
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
flowiseai flowise to 3.1.3 (inc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-73 The product allows user input to control or influence paths or file names that are used in filesystem operations.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability exists in Flowise at the /api/v1/document-store/loader/process endpoint. It is a path traversal flaw that allows unauthenticated attackers to write arbitrary files to the filesystem.

Attackers exploit unsanitized fileName parameters containing ../ sequences to overwrite critical files such as package.json.

By overwriting these files, attackers can achieve remote code execution when the application restarts.

Detection Guidance

This vulnerability can be detected by monitoring for suspicious HTTP requests to the /api/v1/document-store/loader/process endpoint that include path traversal sequences such as ../ in the fileName parameter.

You can use network monitoring tools or web server logs to identify such requests.

  • Use curl or similar tools to test the endpoint for path traversal, for example:
  • curl -X POST 'http://<target>/api/v1/document-store/loader/process' -d '{"fileName":"../package.json","content":"malicious content"}' -H 'Content-Type: application/json'
  • Check web server logs for requests containing ../ sequences in the fileName parameter.
  • Use intrusion detection systems (IDS) or web application firewalls (WAF) to alert on path traversal patterns targeting this endpoint.
Impact Analysis

This vulnerability can have severe impacts including complete system compromise.

  • Unauthenticated attackers can write arbitrary files to the system.
  • Critical files like package.json can be overwritten.
  • Remote code execution can be achieved when the application restarts, allowing attackers to run malicious code.
  • This can lead to loss of confidentiality, integrity, and availability of the affected system.
Compliance Impact

The vulnerability allows unauthenticated attackers to write arbitrary files and achieve remote code execution, which can lead to unauthorized access, data manipulation, or system compromise.

Such a critical security flaw can impact compliance with common standards and regulations like GDPR and HIPAA, which require protection of sensitive data and secure system integrity.

Exploitation of this vulnerability could result in breaches of confidentiality, integrity, and availability of data, potentially leading to violations of these regulations.

Mitigation Strategies

Immediate mitigation steps include restricting access to the vulnerable /api/v1/document-store/loader/process endpoint to trusted users or networks.

Implement input validation and sanitization to prevent path traversal sequences (../) in the fileName parameter.

Apply any available patches or updates from the Flowise project that address this vulnerability.

Monitor logs for exploitation attempts and consider disabling or restricting the affected API until a fix is applied.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-71338. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart