- Description
- Flowise is a drag & drop user interface to build a customized large language model flow. In version 3.0.5, Flowise is vulnerable to remote code execution. The CustomMCP node allows users to input configuration settings for connecting to an external MCP server. This node parses the user-provided mcpServerConfig string to build the MCP server configuration. However, during this process, it executes JavaScript code without any security validation. Specifically, inside the convertToValidJSONString function, user input is directly passed to the Function() constructor, which evaluates and executes the input as JavaScript code. Since this runs with full Node.js runtime privileges, it can access dangerous modules such as child_process and fs. This issue has been patched in version 3.0.6.
- Source
- security-advisories@github.com
- NVD status
- Analyzed
- Products
- flowise
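The parsing defect the description names, as an added example rather than Flowise's own code: the Function()-based pattern beside a hardened parser that accepts only strict JSON and validates the result against an allowlist schema. The schema itself (command plus args, or url) and the sample configs are assumptions constructed for illustration.

```javascript
// Added example, not Flowise's own code: the Function()-based pattern the advisory
// describes, beside a hardened parser that accepts only strict JSON. The schema
// (command + args, or url) is an assumption for illustration.

// Vulnerable pattern, shown only for contrast: the string is compiled and run as
// JavaScript, so any expression in it executes with the Node.js process's privileges.
function unsafeParseConfig(mcpServerConfig) {
  return Function("return (" + mcpServerConfig + ")")();
}

const ALLOWED_KEYS = new Set(["command", "args", "url"]);

// Hardened replacement: JSON.parse never evaluates code, and the result is
// checked against an allowlist schema before anything is launched with it.
function safeParseConfig(mcpServerConfig) {
  let cfg;
  try {
    cfg = JSON.parse(mcpServerConfig);
  } catch (e) {
    throw new Error("mcpServerConfig must be strict JSON: " + e.message);
  }
  if (cfg === null || typeof cfg !== "object" || Array.isArray(cfg)) {
    throw new Error("mcpServerConfig must be a JSON object");
  }
  for (const key of Object.keys(cfg)) {
    if (!ALLOWED_KEYS.has(key)) throw new Error("unexpected key: " + key);
  }
  if ((typeof cfg.command === "string") === (typeof cfg.url === "string")) {
    throw new Error("exactly one of command or url is required");
  }
  if (cfg.args !== undefined &&
      !(Array.isArray(cfg.args) && cfg.args.every((a) => typeof a === "string"))) {
    throw new Error("args must be an array of strings");
  }
  return cfg;
}

// Constructed inputs: strict JSON, and a JS object literal (unquoted key, arithmetic
// expression) that only the unsafe parser accepts, proving it evaluates code.
const GOOD = '{"command":"npx","args":["-y","@example/mcp-server"]}';
const JS_NOT_JSON = '{command: "npx", args: [1+1]}';

function demo() {
  const evaluated = unsafeParseConfig(JS_NOT_JSON); // args[0] becomes 2
  let rejected = false;
  try { safeParseConfig(JS_NOT_JSON); } catch (e) { rejected = true; }
  return { evaluatedArg: evaluated.args[0], rejected, good: safeParseConfig(GOOD) };
}
```

The same strict-JSON-then-schema approach applies to any node that turns a user-supplied string into process or network configuration.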
CVSS 3.1
- Type
- Secondary
- Base score
- 10
- Impact score
- 6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
- Severity
- CRITICAL
Weakness enumeration
- Source
- security-advisories@github.com
- CWE ID
- CWE-94
- Hype score
- Not currently trending
🔴 FlowiseAI, Code Injection, #CVE-2025-59528 (Critical) https://t.co/dE4uqaPl9L
@dailycve
17 Apr 2026
⚡️Security Brief⚡️ A maximum-severity remote code execution vulnerability has been discovered in the open-source AI platform Flowise. The vulnerability is identified as CVE-2025-59528 and is currently being actively exploited by threat actors. Attack vector: the vulnerability stems from unsanitized input handling in the platform, enabling attackers to
@JarsyMandarin
16 Apr 2026
⚡️Security Brief⚡️ A maximum-severity remote code execution vulnerability was discovered in Flowise, an open-source AI platform. The flaw is identified as CVE-2025-59528 and is currently being actively exploited by threat actors. Attack vector: The vulnerability stems fr
@JarsyInc
16 Apr 2026
[Urgent] Flowise has an RCE vulnerability, CVE-2025-59528, with a CVSS score of 10.0. Exploitation has continued for more than six months across over 12,000 instances. Check right now that you have updated to v3.0.6 https://t.co/G5LxYAWw1E #Flowise #セキュリティ #CVE
@neural_nw_ai
16 Apr 2026
🔒 #CyberSecurity CVE-2025-59528: Flowise RCE Under Active Exploitation — Detection and Hardening "A critical security flaw in the Flowise platform, an open-source tool widely used for…" 🔗 https://t.co/syURJf1DV9 #CyberSecurity #ThreatIntel #vulnerability #cve #patch
@SecurityAr58409
15 Apr 2026
Flowise vulnerability CVE-2025-59528 FIXED: more than 15,000 unprotected instances on the internet https://t.co/tSQn0ufkmT This Flowise vulnerability, CVE-2025-59528,
@iototsecnews
15 Apr 2026
VulnCheck’s Canary Intelligence has detected active exploitation of CVE-2025-59528 in Flowise. More than 12,000 instances are exposed to the internet, increasing potential targets. Get the full story and insights from VulnCheck’s VP of Security Research: https://t.co/CVdHqq
@VulnCheckAI
14 Apr 2026
‼️ CVE-2025-58434 and CVE-2025-59528: Flowise Dual CVE PoC GitHub: https://t.co/dklzVorfjf The two vulnerabilities chain naturally: CVE-2025-58434 provides unauthenticated account takeover, which satisfies the authentication requirement for CVE-2025-59528, achieving https:/
@DarkWebInformer
14 Apr 2026
CVE-2025-59528 - CVSS 10.0 in Flowise's CustomMCP node. Unsanitized JS passed to Function() in the MCP server config path. Full RCE. Filesystem access, command execution, credential exfiltration. Active exploitation confirmed April 7. This is the third Flowise RCE exploited in
@selfradiance11
13 Apr 2026
CVE-2025-59528 scored CVSS 10.0. 12,000+ Flowise instances exposed for six months. The protocol meant to make agents safe became the attack surface. Georgia Tech found 74 AI-generated CVEs in one quarter. https://t.co/CQ7LMTfFgq
@MoltReporter
13 Apr 2026
Flowise CVE-2025-59528. CVSS 10.0. 12,000+ instances actively exploited. The AI agent builder that promises "no code, easy automation" just became the easiest attack surface. Every no-code AI tool without input validation is a ticking bomb. Check your dependencies today. #CVE
@NYsquaredAI
12 Apr 2026
CVSS 10.0. 12,000+ instances. 6 months exposed. The protocol built to make agents safe became the single point of failure. CVE-2025-59528. https://t.co/CQ7LMTfFgq
@MoltReporter
11 Apr 2026
Critical Flowise vulnerability actively used in attacks. Researchers have recorded the first attempts to attack the Flowise AI platform using a critical
@XakepRU
10 Apr 2026
Intel Report [CRITICAL] - A critical remote code execution (RCE) vulnerability tracked as CVE-2025-59528 in the Flowise open-source AI development platform is under active exploitation as of April 6, 2026. The vulnerability, which carries the maximum... https://t.co/Y4ZKZUwliv
@EnigmaGlobalSW
10 Apr 2026
🚨 CVE-2025-59528 and Zero-Days: Prague's Pace is Optimal for Global Collapse. Multiple critical vulnerabilities (CVSS 10) are actively being exploited, indicating immediate, widespread risk across critical systems. GrayZone is screaming warnings about zero-day ransomware and
@Aftershockindex
10 Apr 2026
Critical Flowise RCE (CVE-2025-59528) actively exploited via CustomMCP; Docker Engine (CVE-2026-34040) & Ninja Forms (CVE-2026-0740) need patches. APT28 hijacks MikroTik/TP-Link DNS to steal Microsoft creds. #FlowiseRCE #APT28DNS #Russia https://t.co/OrkE7UQkxN
@TweetThreatNews
10 Apr 2026
Your clients are spinning up #Flowise instances you don't know about. #CVE-2025-59528 RCE is actively exploited. You own the advisory call today. Scan now, patch to 2.2.0 within 24 hours. Your contract depends on it. #mssp #vulnerability #soc #cybersecurity #threatintel
@bettermssp
8 Apr 2026
If you're running Flowise > check your version right now. CVE-2025-59528 is a CVSS 10.0 (perfect score) vulnerability being actively exploited as of yesterday (April 7, 2026) The flaw: CustomMCP node executes user-supplied JavaScript with no validation. Full Node.js access. F
@Trish_DIntel
8 Apr 2026
Critical vulnerability in Flowise AI platform (CVE-2025-59528) under active exploitation. Over 12,000 instances exposed. Immediate patching recommended. Link: https://t.co/XIFwtcNeVm #Security #AI #Flowise #Vulnerability #Patch #Exploit #Cyber #Tech #Risk #Data #Safety https://t.
@dailytechonx
8 Apr 2026
A critical RCE vulnerability in Flowise (CVE-2025-59528) is actively exploited, enabling arbitrary JavaScript execution via CustomMCP. Thousands of systems are at risk without proper updates. #FlowiseRisk #RemoteExecution #USA https://t.co/FErorq2KS9
@TweetThreatNews
8 Apr 2026
🚨 Threat Alert: Flowise Custom MCP RCE Exploitation (CVE-2025-59528) 📅 Date: 2026-04-06 (first observed exploitation); vulnerability disclosed: 2025-09-13 📆 Timeline: 2025-09-13: GitHub advisory published (patched in 3.0.6). 2026-04-06: First in‑the‑wild exploita
@syedaquib77
8 Apr 2026
Threat actors are exploiting a critical vulnerability (CVE-2025-59528, CVSS 10.0) in Flowise, an AI platform, allowing remote code execution via a code injection flaw. https://t.co/534Nox3Rzg
@securityRSS
8 Apr 2026
csirt_it: ‼️ #Exploited: active in-the-wild exploitation detected of vulnerability CVE-2025-59528, affecting the #Flowise product. Risk: 🔴 Type: 🔸 Remote Code Execution 🔗 https://t.co/Ttx8CL0scr ⚠️ It is important to keep systems updated https://t.
@Vulcanux_
8 Apr 2026
‼️ #Exploited: active in-the-wild exploitation detected of vulnerability CVE-2025-59528, affecting the #Flowise product. Risk: 🔴 Type: 🔸 Remote Code Execution 🔗 https://t.co/Mhi8uLQg9Z ⚠️ It is important to keep systems updated https://t.co/wRu9EnK
@csirt_it
8 Apr 2026
csirt_it: ‼️ #Exploited: active in-the-wild exploitation detected of vulnerability CVE-2025-59528, affecting the #Flowise product. Risk: 🔴 Type: 🔸 Remote Code Execution 🔗 https://t.co/vQHIzSPBoL ⚠️ It is important to keep systems updated https://t.
@Vulcanux_
8 Apr 2026
⚠️ **Vulnerability Alert:** Flowise CustomMCP Remote JavaScript RCE (CVE-2025-59528) 📅 **Timeline:** Disclosure: unknown; Patch: unknown 🆔 **CVE-2025-59528** | 📊 CVSS: 10.0 (Critical 🔴) | 📈 EPSS: 99.22% 🛠️ **Exploit Maturity:** Actively Exploited 📂 **
@syedaquib77
8 Apr 2026
Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed (CVE-2025-59528) https://t.co/X1bT2724zF #appsec
@eyalestrin
8 Apr 2026
🚨 CYBERDUDEBIVASH SENTINEL APEX ALERT 🚨 Threat: Attackers exploit critical Flowise flaw CVE-2025-59528 for remote code execution Intel Report: https://t.co/S2f5Uxi9lc
@cyberbivash
8 Apr 2026
💸 The US Trump administration signals its intent to cut the CISA budget by more than $700 million 🚨 Critical Flowise vulnerability targeted by attackers (CVE-2025-59528) ~Cyber Alert, April 8~ https://t.co/c9FPZCXWTH
@MachinaRecord
8 Apr 2026
CVSS 10 RCE vulnerability being exploited in Flowise. Info, incl. fix info, at vulnerability alert service, SecAlerts - CVE-2025-59528, CVSS 10: https://t.co/SWW2FgnGhp #ciso #cio #cto #vulnerabilities #cybersecurity #msp #mssp #secalerts #CVE202559528 #Flowise https://t.co/Yix
@SecAlertsCo
8 Apr 2026
🚨Alert🚨 CVE-2025-59528 (CVSS 10.0) :RCE in FlowiseAI/Flowise. 🔥PoC:https://t.co/CoqRnXxhky 📊 34K+ Services are found on the https://t.co/ysWb28BTvF yearly. 🔗Hunter Link:https://t.co/q2FFmybO8d 👇Query HUNTER : https://t.co/q9rtuGfZuz="Flowise" 📰Refer:https://t
@HunterMapping
8 Apr 2026
Attackers exploit the critical Flowise vulnerability CVE-2025-59528 for remote code execution. Attackers exploit critical Flowise flaw CVE-2025-59528 for remote code execution #SecurityAffairs (Apr 7) https://t.co/7O9DRmQFcM
@foxbook
8 Apr 2026
TRC analysis shows attackers exploiting CVE-2025-59528 in Flowise's CustomMCP node to execute arbitrary JavaScript without validation. Post-compromise activity includes privilege escalation and lateral movement across AI development environments. Runtime segmentation helps
@aviatrixtrc
8 Apr 2026
TRC analysis shows attackers exploiting CVE-2025-59528 in Flowise AI to achieve full Node.js runtime access, then pivoting laterally through networks. Over 12,000 instances remain vulnerable to this critical RCE flaw. Runtime segmentation helps contain post-compromise lateral
@aviatrixtrc
7 Apr 2026
[You again] The vulnerability CVE-2025-59528 in the AI platform Flowise is being exploited. Reported by VulnCheck. The vulnerability was fixed in September 2025 and is a CVSS 10 remote code execution flaw. In the CustomMCP node, which connects to external MCP servers, the response is
@__kokumoto
7 Apr 2026
🚨 BREACH ALERT WHO: Flowise WHAT: Maximum-severity remote code execution vulnerability (CVE-2025-59528) under active exploitation. HOW: Attackers can execute arbitrary code via improper configuration settings. Severity: Critical 🔴 Source " https://t.co/WPRiiGMqse #CyberSe
@UziSeclab2006
7 Apr 2026
🚨 BREACH ALERT WHO: Flowise (AI platform) WHAT: Critical remote code execution vulnerability (CVE-2025-59528) exploited actively. HOW: Code injection vulnerability exploiting user-provided configuration settings. Severity: Critical 🔴 Source " https://t.co/WPRiiGMqse #Cybe
@UziSeclab2006
7 Apr 2026
BREAKING: Max severity Flowise RCE CVE-2025-59528 now under active exploitation, hackers executing arbitrary JS and OS commands on exposed CustomMCP nodes worldwide. https://t.co/5lDPa4YhaR
@threatcluster
7 Apr 2026
News from #Moltbook the protocol we built to connect AI agents just got a CVSS 10. the connection IS the vulnerability. by Starfish: flowise CVE-2025-59528. the CustomMCP node — the thing that connects your AI agent to other AI agent... [Link: https://t.co/vcjnRvhocs]
@NoBrainerAi
7 Apr 2026
Attackers exploit critical Flowise flaw CVE-2025-59528 for remote code execution - https://t.co/KzEB3aylCD
@moton
7 Apr 2026
🚨 Threat Alert: Attackers exploit critical Flowise flaw CVE-2025-59528 for remote code execution 📅 Date: 2026-04-07 📆 Timeline: 2025-09-13 — Vulnerability disclosed; patch in Flowise 3.0.6. 2026-04-07 — VulnCheck detected first in‑the‑wild exploitation; ASM est
@syedaquib77
7 Apr 2026
🚨 Critical #Flowise RCE Vulnerability (#CVE-2025-59528) Under Active Exploitation Threatens #AI Infrastructure + Video -Fact Checker: ✅: 2 ❌: 1 || 2/3 https://t.co/IKyuMkSQCu
@UndercodeNews
7 Apr 2026
Attackers exploit critical Flowise flaw CVE-2025-59528 for remote code execution https://t.co/kWEpU7SG95
@hackplayers
7 Apr 2026
Flowise CVE-2025-59528 (CVSS 10) is being actively exploited - the CustomMCP node passes user input straight to Function() with full Node.js privileges. If you're running LLM workflow tools internet-facing, audit them now. https://t.co/pRHusTNJh1 #cybersecurity #infosec #LLM #RCE
@CyberDaily_News
7 Apr 2026
📝 Max severity Flowise RCE vulnerability now exploited in attacks • A maximum-severity vulnerability, CVE-20
@PurpleOps_io
7 Apr 2026
A critical RCE vulnerability CVE-2025-59528 in Flowise’s CustomMCP node enables arbitrary JavaScript injection and command execution. Exploits detected from a Starlink IP. Update to Flowise 3.1.1 or higher. #FlowiseRCE #Starlink #USA https://t.co/8XOe59sAXC
@TweetThreatNews
7 Apr 2026
[Security Affairs] Attackers exploit critical Flowise flaw CVE-2025-59528 for remote code execution. Attackers are exploiting a critical Flowise flaw, tracked as CVE-2025-59528 (CVSS score of 10), that lets them run malicious code and access systems... https://t.co/FfZKBt4Knz
@shah_sheikh
7 Apr 2026
Attackers exploit critical Flowise flaw CVE-2025-59528 for remote code execution https://t.co/rSHnSD1WO0 #BreakingNews
@evanderburg
7 Apr 2026
Attackers exploit critical Flowise flaw CVE-2025-59528 for remote code execution: Attackers are exploiting a critical Flowise flaw, tracked as CVE-2025-59528 (CVSS score of 10), that lets them run malicious code and access systems due to poor validation… https://t.co/ANzdQwvd
@shah_sheikh
7 Apr 2026
Attackers are actively exploiting CVE-2025-59528, a maximum-severity remote code execution vulnerability in Flowise LLM platform. https://t.co/ywYt96gxVx
@Anavem_
7 Apr 2026
[
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:flowiseai:flowise:3.0.5:*:*:*:*:*:*:*",
            "matchCriteriaId": "D5D151AD-7484-4BE3-B42F-7D0279B5E886",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  }
]