flowise-ui
npm2 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting flowise-uipage 1 of 1
- CVE-2025-71328HIGHCVSS 8.8EG 8.3✓ Fixed in 3.0.102026-06-25
Flowise before 3.0.10 contains an unverified password change vulnerability. An authenticated user can change their account password through the account settings (Security) section without supplying the current password or any additional ve…
- CVE-2025-71337HIGHCVSS 8.3EG 8.3✓ Fixed in 3.0.102026-06-23
Flowise before 3.0.10 (affected versions 3.0.7 and earlier) contains an unverified email change vulnerability. An authenticated user can change the account email address, used as a login identifier and password-recovery channel, via the ac…
Check whether flowise-ui is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for flowise-ui CVEs against the assets you own.
Start Free Scan →