INTERNET Watch

AIが「理解」するから、API仕様書のコピペでアプリができあがる ...

FlowiseAIが提供している「Flowise」は、大規模言語モデル(LLM)を使った開発のためのライブラリとして有名な「LangChain」と同様に、複数の機能を組み合わせたチャットアプリをGUIで設計できるローコードツールだ。 ユーザーとチャットでやり取りする「Chat ...
Bleeping Computer

Max severity Flowise RCE vulnerability now exploited in attacks

Hackers are exploiting a maximum-severity vulnerability, tracked as CVE-2025-59528, in the open-source platform Flowise for building custom LLM apps and agentic systems to execute arbitrary code. The ...
Infosecurity-magazine.com

Critical Flowise Flaw Gives Attackers Full Server Control

A critical flaw in the open-source AI platform Flowise has been disclosed, along with working proof-of-concept (PoC) code, allowing an attacker to take over a server when a logged-in user simply ...
MSN による配信

Top open source AI platform Flowise hit by maximum-level security issue

Flowise AI platform carried CVSS-10 arbitrary code flaw Vulnerability in CustomMCP node exploited in the wild Up to 15,000 exposed instances urged to update immediately Flowise, a popular open source ...
CSOonline

Hackers exploit a critical Flowise flaw affecting thousands of AI workflows

Threat actors have found a way to inject arbitrary JavaScript into the Flowise low-code platform for building custom LLM and agentic systems. The code injection was possible due to a design oversight, ...