⚡️Security Brief⚡️
A maximum-severity remote code execution vulnerability was discovered in Flowise, an open-source AI platform. The flaw is tracked as CVE-2025-59528 and is being actively exploited by threat actors.
Attack vector: The vulnerability stems from unsanitized input handling in the platform, enabling attackers to execute arbitrary code remotely on affected systems. Active exploitation indicates immediate risk to deployed instances.
Remediation urgency: Organizations running Flowise should prioritize patching or isolating affected instances given the maximum severity rating and ongoing threat actor activity targeting this vulnerability.
@Flowise
Source: Trend Micro