Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
6.0
Flowise Execute Flow Node Allows Remote Access to Internal Network
GHSA-9hrv-gvrv-6gf2
Summary
The Flowise Execute Flow node in some versions of Flowise allows an attacker to trick the system into making unauthorized requests to internal network addresses, potentially exposing sensitive information and giving access to internal web applications. This could lead to unauthorized access to management interfaces, internal configuration, and confidential information. To fix this, ensure that the system uses secure methods to verify incoming requests.
What to do
- Update henryheng flowise to version 3.1.0.
- Update henryheng flowise-components to version 3.1.0.
Affected software
| Ecosystem | Vendor | Product | Affected versions |
|---|---|---|---|
| npm | henryheng | flowise |
<= 3.0.13 Fix: upgrade to 3.1.0
|
| npm | henryheng | flowise-components |
<= 3.0.13 Fix: upgrade to 3.1.0
|
Original title
Flowise Execute Flow function has an SSRF vulnerability
Original description
### Summary
The attacker provides an intranet address through the base url field configured in the Execute Flow node
→ Bypass checkDenyList / resolveAndValidate in httpSecurity.ts (not called)
→ Causes the server to initiate an HTTP request to any internal network address, read cloud metadata, or detect internal network services
### Details
<img width="1280" height="860" alt="9a52a74e6fe2fd78e4962d1d68057fc2" src="https://github.com/user-attachments/assets/20df0006-9129-4886-8928-16d19a617c23" />
Then initiate the call:
```
POST /api/v1/prediction/d6739838-d3b3-43d9-86ff-911a3d757a7e HTTP/1.1
Host: 127.0.0.1:3000
Content-Type: application/json
Authorization: Bearer apikey
Content-Length: 17
{"question": "1"}
```
Server received a request:
<img width="1432" height="172" alt="f45c757fec408e13739db068252ff21b" src="https://github.com/user-attachments/assets/d3dfe0f5-83ec-4c79-ab32-754382a68d5f" />
And there is an echo:
<img width="1280" height="666" alt="fa0caf0deb306cfeeea8fdf8941a287e" src="https://github.com/user-attachments/assets/55a94d25-120b-4e9c-9517-46c2fc2b667f" />
Fix:
Call secureFetch for verification
### Impact
This is a Server-Side Request Forgery (SSRF) vulnerability that may lead to the following risks:
- Explore Internal Web Applications
- Access sensitive management interfaces
- Leak internal configuration, credentials, or confidential information
This vulnerability significantly increases the risk of internal service enumeration and potential lateral movement in enterprise environments.
The attacker provides an intranet address through the base url field configured in the Execute Flow node
→ Bypass checkDenyList / resolveAndValidate in httpSecurity.ts (not called)
→ Causes the server to initiate an HTTP request to any internal network address, read cloud metadata, or detect internal network services
### Details
<img width="1280" height="860" alt="9a52a74e6fe2fd78e4962d1d68057fc2" src="https://github.com/user-attachments/assets/20df0006-9129-4886-8928-16d19a617c23" />
Then initiate the call:
```
POST /api/v1/prediction/d6739838-d3b3-43d9-86ff-911a3d757a7e HTTP/1.1
Host: 127.0.0.1:3000
Content-Type: application/json
Authorization: Bearer apikey
Content-Length: 17
{"question": "1"}
```
Server received a request:
<img width="1432" height="172" alt="f45c757fec408e13739db068252ff21b" src="https://github.com/user-attachments/assets/d3dfe0f5-83ec-4c79-ab32-754382a68d5f" />
And there is an echo:
<img width="1280" height="666" alt="fa0caf0deb306cfeeea8fdf8941a287e" src="https://github.com/user-attachments/assets/55a94d25-120b-4e9c-9517-46c2fc2b667f" />
Fix:
Call secureFetch for verification
### Impact
This is a Server-Side Request Forgery (SSRF) vulnerability that may lead to the following risks:
- Explore Internal Web Applications
- Access sensitive management interfaces
- Leak internal configuration, credentials, or confidential information
This vulnerability significantly increases the risk of internal service enumeration and potential lateral movement in enterprise environments.
ghsa CVSS4.0
6.0
Vulnerability type
CWE-918
Server-Side Request Forgery (SSRF)
Published: 16 Apr 2026 · Updated: 16 Apr 2026 · First seen: 16 Apr 2026