vulnerability, critical, Code Injection, Remote Code Execution, CVE-2025-59528

Apr 07, 2026 • The Hacker News

Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed

Source: The Hacker News
Category: vulnerability
Severity: critical

Executive Summary

A critical remote code execution vulnerability (CVE-2025-59528, CVSS 10.0) in Flowise AI Agent Builder is being actively exploited in the wild. The flaw exists in the CustomMCP node configuration feature and enables unauthenticated remote code execution via code injection. Over 12,000 instances of the open-source platform are exposed to potential compromise. Organizations using Flowise should immediately patch to the latest version or restrict access to the CustomMCP configuration interface. This represents a severe risk as attackers can gain full system control without credentials.

Summary

Threat actors are exploiting a maximum-severity security flaw in Flowise, an open-source artificial intelligence (AI) platform, according to new findings from VulnCheck. The vulnerability in question is CVE-2025-59528 (CVSS score: 10.0), a code injection vulnerability that could result in remote code execution. "The CustomMCP node allows users to input configuration settings for connecting

Linked Entities

  • CVE-2025-59528