CVE-2026-46478
Flowise DatasetRow Mass Assignment Cross-Workspace Row Takeover

Publication date: 2026-06-08

Last updated on: 2026-06-08

Assigner: GitHub, Inc.

Description
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, DatasetRow create and update mass-assignment allows cross-workspace row takeover. This issue has been patched in version 3.1.2.
Meta Information

Published: 2026-06-08
Last Modified: 2026-06-08
Generated: 2026-06-09
AI Q&A: 2026-06-08
EPSS Evaluated: N/A
Affected Vendors & Products (3 associated CPEs)

Vendor      Product   Version / Range
flowise     flowise   up to 3.1.2 (excluding)
flowiseai   flowise   up to 3.1.2 (excluding)
flowiseai   flowise   3.1.2
CWE

CWE-915: The product receives input from an upstream component that specifies multiple attributes, properties, or fields that are to be initialized or updated in an object, but it does not properly control which attributes can be modified.
Compliance Impact

This vulnerability allows authenticated attackers to perform cross-workspace data takeover by manipulating sensitive fields such as workspaceId, leading to unauthorized access to data belonging to other workspaces.

Such unauthorized access and data exposure can compromise data confidentiality and integrity, which are critical requirements under common standards and regulations like GDPR and HIPAA.

By enabling attackers to access sensitive training or evaluation records from other workspaces, the vulnerability undermines data isolation and protection controls mandated by these regulations.

Therefore, exploitation of this vulnerability could result in non-compliance with data protection regulations that require strict access controls and protection of personal or sensitive data.

Executive Summary

CVE-2026-46478 is a high-severity vulnerability in Flowise, a drag & drop user interface for building customized large language model flows. The issue exists in versions prior to 3.1.2 and involves a mass-assignment vulnerability in the DatasetRow entity.

Specifically, the software uses the Object.assign() method to copy request body data into a new or existing DatasetRow without properly restricting which fields can be modified. This allows an authenticated attacker with low privileges to manipulate sensitive fields such as workspaceId and id.

By exploiting this, an attacker can perform a cross-workspace row takeover, effectively transferring ownership of a DatasetRow from one workspace to another. This leads to unauthorized access to data belonging to other workspaces.

The root cause is the lack of explicit validation or restriction on which fields from the request body are assigned to the DatasetRow entity, allowing malicious values to persist in the database.

A patch was introduced in version 3.1.2 that implements an allowlist pattern to restrict which fields can be updated, preventing modification of sensitive fields like workspaceId and id.
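The mass-assignment pattern described above and the allowlist fix, as an added illustration in plain JavaScript; this is not Flowise's code, and the DatasetRow fields other than `workspaceId` and `id` (`datasetId`, `input`, `output`) are assumed.

```javascript
// Added example (not Flowise's code): the CWE-915 pattern the advisory describes,
// with Object.assign() copying the whole request body, next to an allowlist fix.
// DatasetRow fields besides workspaceId and id (datasetId, input, output) are assumed.

const UPDATABLE_FIELDS = ['input', 'output']; // the only client-editable fields

// Vulnerable update: every key in the body lands on the entity, so a caller can
// rewrite workspaceId and id and move the row into another workspace.
function applyUpdateVulnerable(row, body) {
  return Object.assign({}, row, body);
}

// Names the body keys that may not be updated, so the handler can answer 400
// instead of silently dropping them (silent drops hide probing from the logs).
function disallowedFields(body) {
  return Object.keys(body).filter((k) => !UPDATABLE_FIELDS.includes(k));
}

// Hardened update: ownership is checked against the caller's workspace and only
// allowlisted fields are copied; ownership fields never come from the client.
function applyUpdateHardened(row, body, callerWorkspaceId) {
  if (row.workspaceId !== callerWorkspaceId) {
    throw new Error('not found'); // same answer as a missing row: no enumeration hint
  }
  const updated = { ...row };
  for (const field of UPDATABLE_FIELDS) {
    if (Object.prototype.hasOwnProperty.call(body, field)) updated[field] = body[field];
  }
  return updated;
}

// Hardened create: workspaceId comes from the session, id from the server,
// whatever the body claims for either.
function createRowHardened(body, callerWorkspaceId, newId) {
  const row = { id: newId, workspaceId: callerWorkspaceId, datasetId: body.datasetId };
  for (const field of UPDATABLE_FIELDS) row[field] = body[field];
  return row;
}

// Constructed demo: a row owned by ws-A and a body that tries to re-home it.
const existing = { id: 'row-1', datasetId: 'ds-A', workspaceId: 'ws-A', input: 'q1', output: 'a1' };
const hostileBody = { output: 'tampered', workspaceId: 'ws-B', id: 'row-99' };
console.log(applyUpdateVulnerable(existing, hostileBody).workspaceId);      // ws-B: row taken over
console.log(applyUpdateHardened(existing, hostileBody, 'ws-A').workspaceId); // ws-A: unchanged
console.log(disallowedFields(hostileBody));                                   // [ 'workspaceId', 'id' ]
```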

Impact Analysis

This vulnerability can have significant impacts including unauthorized data access and compromise of data isolation between workspaces.

  • An attacker with low privileges and edit permissions can take over DatasetRows from other workspaces by changing ownership fields.
  • This leads to exposure of sensitive training or evaluation data to unauthorized users.
  • The integrity and confidentiality of data across different workspaces are compromised.
  • Because the exploit requires no user interaction and only low privileges, it is highly exploitable and poses a serious security risk.
Detection Guidance

This vulnerability can be detected by monitoring for API requests that attempt to create or update DatasetRow entities with fields the client should not control, namely `workspaceId` or `id`. Specifically, look for create or update requests whose request body includes these fields; an `id` in the URL path is normal, whereas an `id` or `workspaceId` inside the body is not.

Since the vulnerability involves mass-assignment via the API, exploitation attempts can be found by inspecting logs or capturing network traffic for HTTP requests to the DatasetRow endpoints whose body sets or changes `workspaceId` or `id`.

Example commands might include using `grep` or `jq` on server logs to find suspicious payloads, or network capture tools such as `tcpdump` or `Wireshark` with filters for HTTP POST or PATCH requests containing these fields. Two caveats: a bare `grep` for `workspaceId` also matches legitimate responses and log lines that merely mention the field, so narrow the match to the request bodies of mutating methods; and `tcpdump` on port 443 only shows TLS ciphertext, so packet capture helps only where TLS terminates at a proxy in front of Flowise (or where the reverse proxy logs request bodies).

  • grep -i 'workspaceId' /path/to/flowise/logs/*.log
  • jq '. | select(.workspaceId != null or .id != null)' /path/to/api/request_logs.json
  • tcpdump -A -s 0 'tcp port 80 or tcp port 443' | grep -i 'workspaceId'
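The same detection rule applied to structured request logs, as an added example that is not part of this advisory or of Flowise; the one-JSON-object-per-line log layout, the `/dataset` route marker and the sample lines are constructed assumptions, so adjust the marker to the real route.

```javascript
// Added example (not from the advisory or Flowise): a scanner that applies the
// detection rule above to one-JSON-object-per-line request logs. The log layout,
// the '/dataset' route marker and the sample lines are constructed assumptions.

const OWNERSHIP_FIELDS = ['workspaceId', 'id'];
const MUTATING_METHODS = new Set(['POST', 'PUT', 'PATCH']);

// Returns a finding for a create/update request to a dataset-row route whose
// body carries an ownership field, or null. An id in the URL path is normal;
// only an id or workspaceId inside the body is flagged.
function flagRequest(rec, routeMarker = '/dataset') {
  if (!MUTATING_METHODS.has(rec.method) || !rec.path || !rec.path.includes(routeMarker)) return null;
  const body = rec.body && typeof rec.body === 'object' ? rec.body : {};
  const fields = OWNERSHIP_FIELDS.filter((f) => Object.prototype.hasOwnProperty.call(body, f));
  if (fields.length === 0) return null;
  return {
    user: rec.user,
    path: rec.path,
    fields,
    sessionWorkspaceId: rec.sessionWorkspaceId, // kept for triage against the row's real owner
    bodyWorkspaceId: body.workspaceId,
  };
}

// Scans raw lines; non-JSON lines are skipped rather than aborting the scan.
function scanLog(lines) {
  const findings = [];
  for (const line of lines) {
    let rec;
    try { rec = JSON.parse(line); } catch (e) { continue; }
    const finding = flagRequest(rec);
    if (finding) findings.push(finding);
  }
  return findings;
}

// Constructed sample log, not real Flowise output.
const SAMPLE_LOG = [
  '{"method":"PATCH","path":"/api/v1/dataset/rows/row-1","user":"alice","sessionWorkspaceId":"ws-A","body":{"output":"a2"}}',
  '{"method":"PATCH","path":"/api/v1/dataset/rows/row-1","user":"mallory","sessionWorkspaceId":"ws-B","body":{"output":"x","workspaceId":"ws-B"}}',
  '{"method":"GET","path":"/api/v1/dataset/rows/row-1","user":"alice","sessionWorkspaceId":"ws-A"}',
  'plain text line that is not JSON',
  '{"method":"POST","path":"/api/v1/dataset/rows","user":"bob","sessionWorkspaceId":"ws-A","body":{"input":"q","id":"row-1"}}',
];

for (const f of scanLog(SAMPLE_LOG)) console.log(`${f.user} ${f.path} fields=${f.fields.join(',')}`);
```

On the sample log only the mallory and bob lines are reported; the GET, the benign PATCH and the non-JSON line are not.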
Mitigation Strategies

The immediate mitigation step is to upgrade Flowise to version 3.1.2 or later, where the vulnerability has been patched by implementing an allowlist pattern that restricts which fields can be updated in DatasetRow entities.

Until the upgrade can be applied, restrict access to the DatasetRow update and create APIs to trusted users only, and monitor for suspicious activity as described above.

Additionally, review and harden API permissions to ensure that only authorized users with proper privileges can perform DatasetRow modifications.
