📄 Description (English)
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, a Mass Assignment vulnerability in the DocumentStore creation endpoint allows authenticated users to control the primary key (id) and internal state fields of DocumentStore entities. Because the service uses repository.save() with a client-supplied primary key, the POST create endpoint behaves as an implicit UPSERT operation. This enables overwriting existing DocumentStore objects. In multi-workspace or multi-tenant deployments, this can lead to cross-workspace object takeover and broken object-level authorization (IDOR), allowing an attacker to reassign or modify DocumentStore objects belonging to other workspaces. This vulnerability is fixed in 3.1.0.
🤖 AI Executive Summary
CVE-2026-41277 is a critical Mass Assignment vulnerability in Flowise versions prior to 3.1.0 that allows authenticated users to perform unauthorized UPSERT operations on DocumentStore objects. The vulnerability enables cross-workspace object takeover and broken object-level authorization (IDOR), potentially allowing attackers to modify or reassign DocumentStore objects belonging to other workspaces. With a CVSS score of 8.8 and publicly available exploits, this poses an immediate threat to organizations deploying Flowise in multi-tenant environments.
📄 Description (Arabic)
🤖 AI Intelligence Analysis Analyzed: Apr 24, 2026 19:36
🇸🇦 Saudi Arabia Impact Assessment
This vulnerability poses significant risk to Saudi organizations using Flowise for AI/LLM applications, particularly in: (1) Banking and Financial Services (SAMA-regulated entities) - if Flowise is used for document processing in customer data systems; (2) Government agencies and NCA-regulated entities - if deployed for internal document management or AI-driven services; (3) Healthcare providers - if used for patient document processing or medical records management; (4) Telecommunications (STC, Mobily) - if leveraged for customer service AI systems; (5) Energy sector (ARAMCO, utilities) - if used for operational document management. The multi-tenant vulnerability is particularly critical for Saudi cloud service providers and managed service providers offering Flowise as a service to multiple clients.
🏢 Affected Saudi Sectors
Banking and Financial Services
Government and Public Administration
Healthcare and Medical Services
Telecommunications
Energy and Utilities
Cloud Service Providers
Managed Service Providers
Enterprise Software Development
🎯 MITRE ATT&CK Techniques
T1190 - Exploit Public-Facing Application
T1548 - Abuse Elevation Control Mechanism
T1078 - Valid Accounts (using authenticated access)
T1199 - Trusted Relationship (multi-tenant exploitation)
T1526 - Reconnaissance (identifying DocumentStore objects)
T1537 - Transfer Data to Cloud Account (cross-workspace data access)
⚖️ Saudi Risk Score (AI)
8.5
/ 10.0
🔧 Remediation Steps (English)
IMMEDIATE ACTIONS:
1. Identify all Flowise deployments in your organization and document their versions
2. Assess if Flowise is deployed in multi-workspace/multi-tenant configurations
3. Review access logs for DocumentStore creation/modification endpoints (POST /api/documentstore) for suspicious activity
4. Implement network segmentation to restrict access to Flowise instances to authorized users only
PATCHING GUIDANCE:
1. Upgrade Flowise to version 3.1.0 or later immediately
2. If immediate upgrade is not possible, apply the following compensating controls:
- Disable or restrict access to DocumentStore creation endpoints
- Implement strict input validation to reject any client-supplied 'id' or internal state fields
- Enforce workspace isolation at the application layer
COMPENSATING CONTROLS (if patch unavailable):
1. Implement API gateway rules to strip client-supplied 'id' and internal state fields from POST requests to /api/documentstore
2. Add application-level validation to reject UPSERT behavior - ensure POST only creates new objects with server-generated IDs
3. Implement strict workspace isolation checks before any DocumentStore operation
4. Enable detailed audit logging for all DocumentStore operations
5. Restrict API access to DocumentStore endpoints using role-based access control (RBAC)
DETECTION RULES:
1. Monitor for POST requests to /api/documentstore containing 'id' field in request body
2. Alert on DocumentStore modifications from users outside the owning workspace
3. Track rapid DocumentStore creation/modification patterns that may indicate exploitation
4. Monitor for HTTP 200/201 responses on DocumentStore endpoints followed by cross-workspace access attempts
🔧 خطوات المعالجة (العربية)
الإجراءات الفورية:
1. حدد جميع نشرات Flowise في مؤسستك وقثّق إصداراتها
2. قيّم ما إذا تم نشر Flowise في تكوينات متعددة مساحات العمل/متعددة المستأجرين
3. راجع سجلات الوصول لنقاط نهاية إنشاء/تعديل DocumentStore (POST /api/documentstore) للبحث عن نشاط مريب
4. طبّق تقسيم الشبكة لتقييد الوصول إلى مثيلات Flowise للمستخدمين المصرح لهم فقط
إرشادات التصحيح:
1. قم بترقية Flowise إلى الإصدار 3.1.0 أو أحدث على الفور
2. إذا لم يكن الترقية الفورية ممكنة، طبّق الضوابط التعويضية التالية:
- عطّل أو قيّد الوصول إلى نقاط نهاية إنشاء DocumentStore
- طبّق التحقق الصارم من المدخلات لرفض أي حقول 'id' أو حالة داخلية يوفرها العميل
- فرض عزل مساحة العمل على مستوى التطبيق
الضوابط التعويضية (إذا لم يكن التصحيح متاحاً):
1. طبّق قواعد بوابة API لإزالة حقول 'id' والحالة الداخلية التي يوفرها العميل من طلبات POST إلى /api/documentstore
2. أضف التحقق على مستوى التطبيق لرفض سلوك UPSERT - تأكد من أن POST ينشئ كائنات جديدة فقط بمعرّفات يتم إنشاؤها من قبل الخادم
3. طبّق فحوصات عزل مساحة العمل الصارمة قبل أي عملية DocumentStore
4. فعّل تسجيل التدقيق التفصيلي لجميع عمليات DocumentStore
5. قيّد الوصول إلى API لنقاط نهاية DocumentStore باستخدام التحكم في الوصول القائم على الأدوار (RBAC)
قواعد الكشف:
1. راقب طلبات POST إلى /api/documentstore التي تحتوي على حقل 'id' في نص الطلب
2. أصدر تنبيهات عند تعديل DocumentStore من قبل مستخدمين خارج مساحة العمل المالكة
3. تتبع أنماط إنشاء/تعديل DocumentStore السريعة التي قد تشير إلى الاستغلال
4. راقب استجابات HTTP 200/201 على نقاط نهاية DocumentStore متبوعة بمحاولات الوصول عبر مساحات العمل
📋 Regulatory Compliance Mapping
🟢 NCA ECC 2024
ECC 2024 - 5.1.1: Access Control - Unauthorized modification of objects violates access control requirements
ECC 2024 - 5.2.1: Authentication and Authorization - IDOR vulnerability indicates broken authorization
ECC 2024 - 6.1.1: Data Protection - Cross-workspace data access violates data isolation requirements
ECC 2024 - 7.1.1: Audit and Accountability - Insufficient logging of DocumentStore modifications
🔵 SAMA CSF
SAMA CSF - Governance & Risk Management: Vulnerability management and patch management processes
SAMA CSF - Information Security: Access control and authorization mechanisms
SAMA CSF - Operational Resilience: Incident detection and response capabilities
SAMA CSF - Data Protection: Data isolation and confidentiality controls in multi-tenant environments
🟡 ISO 27001:2022
ISO 27001:2022 - A.5.2: User access management - Inadequate access control implementation
ISO 27001:2022 - A.5.3: Access rights - Broken object-level authorization
ISO 27001:2022 - A.8.2: Information security policies - Lack of secure development practices
ISO 27001:2022 - A.12.6: Change management - Vulnerability in application code
🟣 PCI DSS v4.0.1
PCI DSS 3.2.1: Access control - Unauthorized access to cardholder data if DocumentStore contains payment information
PCI DSS 6.5.1: Injection flaws and mass assignment vulnerabilities
PCI DSS 7.1: Limit access to cardholder data by business need to know
📦 Affected Products / CPE 1 entries
flowiseai:flowise