CVE-2026-41272: CWE-918: Server-Side Request Forgery (SSRF) in FlowiseAI Flowise
FlowiseAI Flowise versions prior to 3.1.0 contain a Server-Side Request Forgery (SSRF) vulnerability due to logic flaws in core security wrappers designed to prevent SSRF. These flaws allow attackers to bypass allow/deny lists using DNS Rebinding or by exploiting default configurations that do not enforce deny lists. The vulnerability is fixed in version 3.1.0. The vulnerability has a high severity with a CVSS score of 7.1. Flowise is a cloud service, and the vendor manages remediation for this service.
AI Analysis
Technical Summary
CVE-2026-41272 is a Server-Side Request Forgery (SSRF) vulnerability in FlowiseAI Flowise before version 3.1.0. The issue arises from multiple logic flaws in the secureAxiosRequest and secureFetch security wrappers, which were intended to prevent SSRF attacks. These flaws enable attackers to bypass allow/deny lists via DNS Rebinding (a time-of-check/time-of-use issue: the hostname is checked against the lists at one point and resolved again when the request is actually sent, so the answer can differ between the two) or by exploiting default configurations that fail to enforce any deny list. The vulnerability is addressed in Flowise version 3.1.0. The product is a cloud-hosted service, and the vendor typically manages patching for such services.
Potential Impact
Successful exploitation of this SSRF vulnerability could allow an attacker to make unauthorized server-side requests, potentially leading to high confidentiality and integrity impacts and a low availability impact, as reflected by the CVSS vector. This could expose internal resources or sensitive data accessible from the server hosting Flowise. No known exploits are reported in the wild at this time.
Mitigation Recommendations
A fix for this vulnerability is available in Flowise version 3.1.0. Since Flowise is a cloud-hosted service, the vendor manages remediation server-side. Users should verify with the vendor advisory that their service instance is updated to version 3.1.0 or later to ensure the vulnerability is mitigated.
Technical Details
- Data Version: 5.2
- Assigner Short Name: GitHub_M
- Date Reserved: 2026-04-18T14:01:46.801Z
- CVSS Version: 3.1
- State: PUBLISHED
- Remediation Level: null
- Is Cloud Service: true
Threat ID: 69ea782987115cfb6850f837
Added to database: 4/23/2026, 7:51:05 PM
Last enriched: 4/23/2026, 8:06:17 PM
Last updated: 4/23/2026, 9:02:41 PM