CVE-2026-46476
Flowise CustomTemplate Mass Assignment Vulnerability

Publication date: 2026-06-08

Last updated on: 2026-06-08

Assigner: GitHub, Inc.

Description
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, CustomTemplate create and update mass-assignment allows cross-workspace template takeover. This issue has been patched in version 3.1.2.
Meta Information
Published: 2026-06-08
Last Modified: 2026-06-08
Generated: 2026-06-09
AI Q&A: 2026-06-08
EPSS Evaluated: N/A
Affected Vendors & Products (2 associated CPEs)
Vendor / Product / Version or Range
flowiseai / flowise / up to 3.1.2 (excluding 3.1.2)
flowiseai / flowise / 3.1.2
CWE ID Description
CWE-915 The product receives input from an upstream component that specifies multiple attributes, properties, or fields that are to be initialized or updated in an object, but it does not properly control which attributes can be modified.
AI Quick Actions
Executive Summary

CVE-2026-46476 is a high-severity vulnerability in FlowiseAI/Flowise versions 3.1.1 and earlier involving a mass-assignment issue in the CustomTemplate entity.

The vulnerability occurs because the system uses the Object.assign() method to copy request body data into a new entity without an allowlist, allowing attackers to overwrite critical fields such as workspaceId and id.

This flaw enables authenticated users with edit permissions to move custom templates between different workspaces, leading to cross-workspace template takeover and Insecure Direct Object Reference (IDOR) attacks.

The root cause is that the persistence layer does not strip ownership-related columns from the incoming data, so client-controlled values for those columns are written to the database.

An attacker can exploit this by creating or reusing a custom template in one workspace and then sending a crafted API request to change its workspaceId to another workspace's UUID, effectively transferring ownership.

The issue was patched in version 3.1.2 by applying an explicit field-by-field allowlist pattern to prevent unauthorized field overwrites.

Impact Analysis

This vulnerability allows unauthorized modification of system data by enabling attackers to take over custom templates across different workspaces.

It can lead to cross-workspace data takeover, compromising the confidentiality, integrity, and availability of data within the affected system.

Attackers with low privileges and network access can exploit this vulnerability, potentially disrupting workflows and causing unauthorized access to sensitive templates.

Detection Guidance

This vulnerability can be detected by monitoring API requests that involve the CustomTemplate entity, specifically looking for suspicious attempts to modify the `workspaceId` or `id` fields via mass-assignment. Since the issue involves authenticated users sending crafted API requests to update these fields, inspecting logs for such requests is essential.

You can detect potential exploitation by searching your application logs or network traffic for API calls that update CustomTemplate objects with unusual or unauthorized changes to ownership fields.

  • Use log analysis tools or commands like `grep` to find API requests that write `workspaceId` or `id` on CustomTemplate objects in your server logs, e.g., `grep -i 'workspaceId' /path/to/flowise/logs/*` (a bare search for `id` will be noisy, so scope it to the template endpoints).
  • If you have access to the database, query for CustomTemplate records whose `workspaceId` does not match the workspace their creator belongs to, which indicates a possible unauthorized transfer.
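Both checks above carried out in code, as an added example that is not part of the page or of Flowise: the first function scans JSON-per-line request logs for create/update calls to a template endpoint whose body carries an ownership field and flags those whose `workspaceId` differs from the caller's session workspace; the second flags stored templates whose `workspaceId` is not a workspace their creator belongs to. The log layout, the `/api/v1/custom-templates` route and the membership map are constructed placeholders, not Flowise's real format or paths.

```javascript
// Added example, not Flowise tooling. Log layout, route path, field names and
// the membership map are constructed assumptions for the illustration.
const OWNERSHIP_FIELDS = ["workspaceId", "id"];
const WRITE_METHODS = ["POST", "PUT", "PATCH"];
// Placeholder route match; Flowise's actual path is not taken from the page.
const TEMPLATE_ROUTE = /custom[-_]?templates?/i;

// Constructed sample log: one JSON object per line, plus one junk line.
const SAMPLE_LOG = [
  '{"ts":"2026-06-08T10:00:00Z","user":"alice","sessionWorkspace":"ws-A","method":"POST","path":"/api/v1/custom-templates","body":{"name":"report","flowData":"{}"}}',
  '{"ts":"2026-06-08T10:01:00Z","user":"bob","sessionWorkspace":"ws-A","method":"PUT","path":"/api/v1/custom-templates/7f0c","body":{"name":"report","workspaceId":"ws-B"}}',
  '{"ts":"2026-06-08T10:02:00Z","user":"carol","sessionWorkspace":"ws-A","method":"GET","path":"/api/v1/custom-templates","body":null}',
  '{"ts":"2026-06-08T10:03:00Z","user":"bob","sessionWorkspace":"ws-A","method":"POST","path":"/api/v1/custom-templates","body":{"name":"x","id":"0000-forged"}}',
  "not json at all",
].join("\n");

// One finding per write request whose body sets an ownership field.
function findOwnershipWrites(logText) {
  const findings = [];
  for (const line of logText.split("\n")) {
    let rec;
    try {
      rec = JSON.parse(line);
    } catch {
      continue; // skip lines that are not JSON records
    }
    if (!rec || !TEMPLATE_ROUTE.test(rec.path || "")) continue;
    if (!WRITE_METHODS.includes(rec.method)) continue;
    const body = rec.body || {};
    const touched = OWNERSHIP_FIELDS.filter((f) =>
      Object.prototype.hasOwnProperty.call(body, f)
    );
    if (touched.length === 0) continue;
    findings.push({
      ts: rec.ts,
      user: rec.user,
      fields: touched,
      // A workspaceId that differs from the caller's own session is the
      // strongest signal of an attempted cross-workspace transfer.
      crossWorkspace:
        Object.prototype.hasOwnProperty.call(body, "workspaceId") &&
        body.workspaceId !== rec.sessionWorkspace,
    });
  }
  return findings;
}

// Database-side check: templates whose workspaceId is not one of the
// workspaces their creator is a member of (membership is an assumed input).
function findMismatchedTemplates(templates, membership) {
  return templates.filter(
    (t) => !(membership[t.createdBy] || []).includes(t.workspaceId)
  );
}
```

Run the log scan first, then confirm with the database check: a finding with crossWorkspace set to true is the request to investigate, and a stored template that the second function returns is the record whose ownership should be verified against the patched 3.1.2 behaviour.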
Mitigation Strategies

The primary mitigation step is to upgrade Flowise to version 3.1.2 or later, where the vulnerability has been patched by implementing an explicit allowlist for fields during CustomTemplate creation and update.

Until you can upgrade, restrict access to the API endpoints that allow modification of CustomTemplate entities to trusted users only, and monitor for suspicious activity.

Additionally, review and tighten permissions to ensure that only authorized users with proper edit rights can modify templates.

Compliance Impact

The vulnerability allows authenticated users with edit permissions to perform cross-workspace template takeover by modifying ownership fields, leading to unauthorized access and modification of data across different workspaces.

This unauthorized modification and potential exposure of data can impact the confidentiality, integrity, and availability of sensitive information, which are core principles in compliance frameworks such as GDPR and HIPAA.

Therefore, exploitation of this vulnerability could lead to non-compliance with these regulations due to improper access controls and potential data breaches.
