Max severity Flowise RCE vulnerability now exploited in attacks

A maximum-severity remote code execution vulnerability (CVE-2025-59528) in the open-source Flowise platform is being actively exploited in the wild. Flowise is used for building custom LLM applications and agentic AI systems. The vulnerability allows attackers to execute arbitrary code on affected installations, potentially leading to complete system compromise, data exfiltration, and lateral movement within networks. Organizations using Flowise should patch immediately to the latest security update. Given the active exploitation and critical severity rating, this vulnerability poses an immediate risk to any internet-exposed Flowise instances. Prioritize patching and monitor for Indicators of Compromise.

Hackers are exploiting a maximum-severity vulnerability, tracked as CVE-2025-59528, in the open-source platform Flowise for building custom LLM apps and agentic systems to execute arbitrary code. [...]

A maximum-severity remote code execution vulnerability (CVE-2025-59528) in the open-source Flowise platform is being actively exploited in the wild. Flowise is used for building custom LLM applications and agentic AI systems. The vulnerability allows attackers to execute arbitrary code on affected installations, potentially leading to complete system compromise, data exfiltration, and lateral movement within networks. Organizations using Flowise should patch immediately to the latest security update. Given the active exploitation and critical severity rating, this vulnerability poses an immediate risk to any internet-exposed Flowise instances. Prioritize patching and monitor for Indicators of Compromise. Hackers are exploiting a maximum-severity vulnerability, tracked as CVE-2025-59528, in the open-source platform Flowise for building custom LLM apps and agentic systems to execute arbitrary code. [...] Hackers are exploiting a maximum-severity vulnerability, tracked as CVE-2025-59528, in the open-source platform Flowise for building custom LLM apps and agentic systems to execute arbitrary code. [...]