CVE-2025-57164 is a remote code execution (RCE) vulnerability affecting Flowise through version 3.0.4. The root cause is the unsanitized evaluation of user-supplied input in the 'Supabase RPC Filter' field, which allows attackers to inject and execute arbitrary commands on the server. This vulnerability is categorized under CWE-77, which involves improper neutralization of special elements used in OS commands or system calls. The vulnerability can be exploited remotely over the network without requiring any privileges or user interaction, making it accessible to unauthenticated attackers. The CVSS v3.1 base score is 6.5, reflecting a medium severity level primarily due to the limited impact on availability and partial impact on confidentiality and integrity. Exploitation could lead to unauthorized disclosure of sensitive data or manipulation of system behavior, potentially compromising the integrity of the affected systems. No patches or official fixes have been released as of the publication date, and no known exploits are currently reported in the wild. The vulnerability specifically targets the Supabase RPC Filter functionality within Flowise, a component that likely interfaces with backend databases or services, increasing the risk of data exposure or backend compromise. Given the nature of the vulnerability, attackers could craft malicious payloads that bypass input validation and execute commands on the host, potentially leading to further lateral movement or data exfiltration.

For European organizations, this vulnerability poses a significant risk to the confidentiality and integrity of data processed through Flowise, especially in environments leveraging Supabase for backend operations. Unauthorized remote code execution could allow attackers to access sensitive customer or operational data, modify application behavior, or disrupt business processes. Sectors such as finance, healthcare, and critical infrastructure that rely on Flowise for data workflows or automation could face regulatory and reputational damage if exploited. The lack of authentication and user interaction requirements increases the likelihood of automated exploitation attempts. Additionally, organizations may face compliance issues under GDPR if personal data is compromised. The medium severity rating suggests that while availability impact is limited, the potential for data leakage and unauthorized system control remains a serious concern. Without timely mitigation, attackers could use this vulnerability as an entry point for broader network compromise within European enterprises.

Since no official patch is currently available, European organizations should implement immediate compensating controls. These include disabling or restricting access to the 'Supabase RPC Filter' feature if not essential, applying strict input validation and sanitization on all user inputs related to RPC filters, and employing web application firewalls (WAFs) to detect and block suspicious payloads targeting this vector. Network segmentation should be enforced to limit the exposure of Flowise instances to untrusted networks. Monitoring and logging of RPC filter usage should be enhanced to identify anomalous or unauthorized commands. Organizations should also review and harden backend Supabase configurations to minimize the impact of potential command execution. Regular security assessments and penetration testing focused on this vulnerability can help identify exploitation attempts. Finally, staying updated with vendor advisories for patches or updates is critical to apply fixes promptly once available.