CVE-2026-56268
Analyzed Analyzed - Analysis Complete

Information Disclosure in Flowise AI Chatbot Platform

Vulnerability report for CVE-2026-56268, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-06-22

Last updated on: 2026-06-25

Assigner: VulnCheck

Description

Flowise before 3.1.2 contains an information disclosure vulnerability in the /api/v1/chatflows/apikey/:apikey endpoint. When the keyonly query parameter is omitted (the default), the endpoint returns not only the chatflows bound to the supplied API key but also all chatflows across every workspace that have no API key assigned, because the underlying query lacks any workspace filter. An attacker with a valid API key for one workspace can therefore retrieve the full ChatFlow configuration (including flowData with system prompts and node configurations, chatbotConfig, apiConfig, and credential IDs) of unprotected chatflows belonging to other workspaces.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-22
Last Modified
2026-06-25
Generated
2026-07-13
AI Q&A
2026-06-23
EPSS Evaluated
2026-07-11
NVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
flowiseai flowise to 3.1.2 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-863 The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability exists in Flowise versions before 3.1.2 and involves an information disclosure issue in the /api/v1/chatflows/apikey/:apikey endpoint. When the keyonly query parameter is not provided (which is the default behavior), the endpoint returns not only the chatflows associated with the supplied API key but also all chatflows across every workspace that do not have an API key assigned. This happens because the underlying query does not filter by workspace.

As a result, an attacker who has a valid API key for one workspace can retrieve the full ChatFlow configuration of unprotected chatflows belonging to other workspaces. This configuration includes sensitive details such as flowData with system prompts and node configurations, chatbotConfig, apiConfig, and credential IDs.

Compliance Impact

This vulnerability allows an attacker with a valid API key for one workspace to retrieve full ChatFlow configurations, including sensitive data such as system prompts, node configurations, chatbotConfig, apiConfig, and credential IDs from other workspaces that have no API key assigned.

Such unauthorized disclosure of potentially sensitive configuration and credential information could lead to non-compliance with data protection standards and regulations like GDPR and HIPAA, which require strict controls over access to sensitive data and protection against unauthorized disclosure.

Impact Analysis

This vulnerability can lead to unauthorized disclosure of sensitive configuration data from other workspaces that are not protected by an API key. An attacker with access to one workspace's API key can access detailed ChatFlow configurations of other workspaces, potentially exposing system prompts, node configurations, chatbot settings, API configurations, and credential identifiers.

Such exposure could allow attackers to understand or manipulate chatbot behavior, gain insights into system operations, or use credential IDs for further attacks, thereby compromising confidentiality and potentially leading to further security breaches.

Detection Guidance

This vulnerability can be detected by testing the /api/v1/chatflows/apikey/:apikey endpoint on Flowise versions before 3.1.2. Specifically, you can make a request to this endpoint without including the keyonly query parameter and observe if chatflows from other workspaces without API keys are returned.

A possible command to test this could be using curl to query the endpoint with a valid API key but without the keyonly parameter, for example:

  • curl -X GET "http://<flowise-server>/api/v1/chatflows/apikey/<valid_apikey>"

If the response includes chatflows from other workspaces that do not have an API key assigned, this indicates the vulnerability is present.

Mitigation Strategies

The immediate mitigation step is to upgrade Flowise to version 3.1.2 or later, where the vulnerability has been fixed by adding workspace scoping to the query.

Until the upgrade can be applied, restrict access to the /api/v1/chatflows/apikey/:apikey endpoint to trusted users only, and avoid sharing API keys across workspaces.

Additionally, monitor API usage for unusual access patterns that might indicate exploitation attempts.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-56268. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart