CVE-2026-42861 in Flowiseinfo

Prediction

by VulDB Data Team • 05/15/2026

A security vulnerability has been detected in FlowiseAI Flowise up to 3.0.12. Affected by this issue is the function createLead of the component API Endpoint. Such manipulation leads to dynamically-determined object attributes. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. Upgrading to version 3.1.2 can resolve this issue. It is suggested to upgrade the affected component.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Moderation

accepted

Entry

VDB-361275

CPE

ready

CWE

CWE-915 (confirmed)

Exploit

Download

CVSS

6.3 (VulDB)

EPSS

0.00000

KEV

Activities

very low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-42861
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-42861
CVE Details	https://www.cvedetails.com/cve/CVE-2026-42861/

◂ Previous Overview Next ▸

Might our Artificial Intelligence support you?

Check our Alexa App!