CVE-2026-56268
Information Disclosure in Flowise AI Chatbot Platform

Publication date: 2026-06-22

Last updated on: 2026-06-22

Assigner: VulnCheck

Description
Flowise before 3.1.2 contains an information disclosure vulnerability in the /api/v1/chatflows/apikey/:apikey endpoint. When the keyonly query parameter is omitted (the default), the endpoint returns not only the chatflows bound to the supplied API key but also all chatflows across every workspace that have no API key assigned, because the underlying query lacks any workspace filter. An attacker with a valid API key for one workspace can therefore retrieve the full ChatFlow configuration (including flowData with system prompts and node configurations, chatbotConfig, apiConfig, and credential IDs) of unprotected chatflows belonging to other workspaces.
Meta Information
Generated: 2026-06-23
AI Q&A: 2026-06-23
EPSS Evaluated: N/A
Affected Vendors & Products
Vendor: flowise
Product: flowise
Version / Range: up to 3.1.2 (excluding)
CWE
CWE-863: The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.
Executive Summary

This vulnerability exists in Flowise versions before 3.1.2 and involves an information disclosure issue in the /api/v1/chatflows/apikey/:apikey endpoint. When the keyonly query parameter is not provided (which is the default behavior), the endpoint returns not only the chatflows associated with the supplied API key but also all chatflows across every workspace that do not have an API key assigned. This happens because the underlying query does not filter by workspace.

As a result, an attacker who has a valid API key for one workspace can retrieve the full ChatFlow configuration of unprotected chatflows belonging to other workspaces. This configuration includes sensitive details such as flowData with system prompts and node configurations, chatbotConfig, apiConfig, and credential IDs.
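The query shape described above, as an added illustration that is not Flowise's code: an in-memory model of a chatflow table, a lookup that mixes every workspace's key-less chatflows into the result when keyonly is false, and a workspace-scoped version of the same lookup. The table, the field names (workspaceId, apikeyid) and the key-to-workspace mapping are constructed assumptions for the example.

```javascript
// Added illustration (not Flowise code): models the CWE-863 defect behind
// CVE-2026-56268 against an in-memory chatflow table, then the scoped fix.

// Constructed sample data: three workspaces; some chatflows are bound to an
// API key, others have none assigned (apikeyid null).
const CHATFLOWS = [
  { id: 'cf-1', workspaceId: 'ws-A', apikeyid: 'key-A', flowData: '{"prompt":"A"}' },
  { id: 'cf-2', workspaceId: 'ws-A', apikeyid: null,    flowData: '{"prompt":"A-open"}' },
  { id: 'cf-3', workspaceId: 'ws-B', apikeyid: null,    flowData: '{"prompt":"B-open"}' },
  { id: 'cf-4', workspaceId: 'ws-B', apikeyid: 'key-B', flowData: '{"prompt":"B"}' },
  { id: 'cf-5', workspaceId: 'ws-C', apikeyid: null,    flowData: '{"prompt":"C-open"}' },
];

// Constructed API key table: each key belongs to exactly one workspace.
const APIKEYS = { 'key-A': 'ws-A', 'key-B': 'ws-B' };

// Vulnerable shape: with keyonly=false the match widens to "no key assigned",
// and that branch carries no workspace predicate, so unprotected chatflows of
// every workspace are returned alongside the caller's own.
function getChatflowsByApiKeyVulnerable(db, apikey, keyonly = false) {
  return db.filter(cf => cf.apikeyid === apikey || (!keyonly && cf.apikeyid == null));
}

// Hardened shape: resolve the key's workspace first and constrain both
// branches of the predicate to it; an unknown key yields nothing.
function getChatflowsByApiKeyFixed(db, keys, apikey, keyonly = false) {
  const workspaceId = keys[apikey];
  if (!workspaceId) return [];
  return db.filter(cf =>
    cf.workspaceId === workspaceId &&
    (cf.apikeyid === apikey || (!keyonly && cf.apikeyid == null)));
}

// Regression check usable in a test suite: the set of workspaces present in a
// result; a correct result never contains anything but the caller's own.
function workspacesIn(rows) {
  return [...new Set(rows.map(r => r.workspaceId))].sort();
}

const leaked = getChatflowsByApiKeyVulnerable(CHATFLOWS, 'key-A');
const scoped = getChatflowsByApiKeyFixed(CHATFLOWS, APIKEYS, 'key-A');
console.log('vulnerable:', workspacesIn(leaked)); // [ 'ws-A', 'ws-B', 'ws-C' ]
console.log('fixed:', workspacesIn(scoped));      // [ 'ws-A' ]
```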

Impact Analysis

This vulnerability can lead to unauthorized disclosure of sensitive configuration data from other workspaces that are not protected by an API key. An attacker with access to one workspace's API key can access detailed ChatFlow configurations of other workspaces, potentially exposing system prompts, node configurations, chatbot settings, API configurations, and credential identifiers.

Such exposure could allow attackers to understand or manipulate chatbot behavior, gain insights into system operations, or use credential IDs for further attacks, thereby compromising confidentiality and potentially leading to further security breaches.
