What is CVE-2025-59528 in Flowise?

Max-severity RCE letting attackers inject and run JavaScript via the CustomMCP node's unsafe config eval. Leads to full command execution.

How do I fix Flowise RCE vulnerability?

Upgrade to 3.1.1 immediately. Lock down public access; use VPNs or private nets for external MCP hooks.

Are other Flowise CVEs being exploited?

Yes—CVE-2025-8943 and CVE-2025-26319 see wild activity too. Patch everything; scan your instances.

🕳️ Vulnerabilities & CVEs

Flowise's Perfect-10 RCE Flaw Goes Live: 15,000 Exposed Servers in the Crosshairs

12,000 to 15,000 Flowise servers sit exposed to the internet today. One max-severity RCE bug just lit up in active attacks—straight from a Starlink IP.

Threat Digest Apr 07, 2026 3 min read

Flowise dashboard showing vulnerable CustomMCP node with exploit warning overlay

⚡ Key Takeaways

12k-15k Flowise servers exposed online, perfect-10 RCE actively exploited via JS injection. 𝕏
CustomMCP node's unsafe eval() of user configs enables full RCE; patched in 3.0.6+. 𝕏
Symptom of no-code AI rush—echoes early WordPress pitfalls, with agentic stakes higher. 𝕏

Published by

Threat Digest

Threat intelligence. Zero noise.

#AI security #AI vulnerability #CVE-2025-59528 #Flowise RCE #Flowise vulnerability #RCE exploit #code execution

Worth sharing?

Get the best Cybersecurity stories of the week in your inbox — no noise, no spam.

Originally reported by Bleeping Computer

⚡ Key Takeaways

The 60-Second TL;DR

Threat Digest

Share this article

Worth sharing?

Related Stories

Flowise's RCE Nightmare: 15,000 Exposed Servers in Hackers' Sights

Flowise's CVSS 10 RCE Nightmare: 12,000 Exposed AI Servers Under Siege

GrafanaGhost: The AI Backdoor Turning Data Dashboards into Spy Tools

F5 BIG-IP RCE Bug Sparks Patch Panic

Stay in the loop