GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
9 advisories
FlowiseAI has Mass Assignment in Assistant Update Endpoint that Allows Cross-Workspace Resource Reassignment
High
CVE-2026-46441
was published
for
flowise
(npm)
May 14, 2026
FlowiseAI has Mass Assignment in Chatflow Update Endpoint that Allows Cross-Workspace AgentFlow Reassignment
High
CVE-2026-42863
was published
for
flowise
(npm)
May 14, 2026
FlowiseAI has Mass Assignment in Tool Update Endpoint that Allows Cross-Workspace Resource Reassignment
High
CVE-2026-42862
was published
for
flowise
(npm)
May 14, 2026
FlowiseAI has Mass Assignment in Variable Update Endpoint that Allows Cross-Workspace Resource Reassignment
High
CVE-2026-42861
was published
for
flowise
(npm)
May 14, 2026
Flowise: Mass Assignment in DocumentStore Create Endpoint Leads to Cross-Workspace Object Takeover (IDOR)
High
CVE-2026-41277
was published
for
flowise
(npm)
Apr 17, 2026
Flowise: Improper Mass Assignment in Account Registration Enables Unauthorized Organization Association
High
CVE-2026-41267
was published
for
flowise
(npm)
Apr 16, 2026
Flowise has IDOR leading to Account Takeover and Enterprise Feature Bypass via SSO Configuration
High
CVE-2026-30823
was published
for
flowise
(npm)
Mar 6, 2026
OpenClaw/Clawdbot Docker Execution has Authenticated Command Injection via PATH Environment Variable
High
CVE-2026-24763
was published
for
clawdbot
(npm)
Feb 2, 2026
Self-hosted n8n has Legacy Code node that enables arbitrary file read/write
High
CVE-2025-68697
was published
for
n8n
(npm)
Dec 26, 2025
ProTip!
Advisories are also available from the
GraphQL API