CVE-2026-30822 Overview
CVE-2026-30822 is a Mass Assignment vulnerability (CWE-915) affecting Flowise, a popular drag-and-drop user interface for building customized large language model (LLM) flows. Prior to version 3.0.13, unauthenticated users can inject arbitrary values into internal database fields when creating leads, potentially compromising data integrity and enabling unauthorized access to sensitive functionality.
Critical Impact
Unauthenticated attackers can manipulate internal database fields through the lead creation endpoint, potentially leading to data corruption, privilege escalation, or unauthorized access to LLM workflows.
Affected Products
- Flowise versions prior to 3.0.13
- FlowiseAI Flowise (all installations with unauthenticated lead creation endpoints)
Discovery Timeline
- 2026-03-07 - CVE-2026-30822 published to NVD
- 2026-03-11 - Last updated in NVD database
Technical Details for CVE-2026-30822
Vulnerability Analysis
This vulnerability is classified as Improperly Controlled Modification of Object Prototype Attributes (CWE-915), commonly known as Mass Assignment. The issue arises when the Flowise application fails to properly restrict which object properties can be modified during lead creation operations. Without proper input validation and attribute whitelisting, unauthenticated users can supply additional parameters that get directly mapped to internal database fields.
The attack is network-accessible and requires no authentication, though exploitation complexity is considered high due to the need for knowledge of internal database schema and field names. Successful exploitation could result in high impact to both confidentiality and integrity, with limited availability impact.
Root Cause
The root cause of this vulnerability lies in the absence of proper input filtering or attribute whitelisting in the lead creation functionality. When processing user-supplied data for new lead entries, the application accepts and persists arbitrary key-value pairs without validating whether these fields should be user-controllable. This design flaw allows attackers to inject values into fields that should only be set internally by the application.
Attack Vector
The vulnerability is exploitable over the network by sending specially crafted HTTP requests to the lead creation endpoint. An attacker can include additional parameters in the request body that correspond to internal database fields. Since there is no authentication requirement for this endpoint in vulnerable versions, any remote attacker with network access to the Flowise instance can attempt exploitation.
The attack involves identifying the lead creation API endpoint, then crafting requests with additional parameters targeting internal fields such as administrative flags, role identifiers, or other sensitive database columns. For detailed technical information on the vulnerability mechanism, refer to the GitHub Security Advisory GHSA-mq4r-h2gh-qv7x.
Detection Methods for CVE-2026-30822
Indicators of Compromise
- Unusual lead entries with populated fields that should only be system-generated or administratively controlled
- API logs showing lead creation requests with unexpected or excessive parameters in the request body
- Database records with anomalous field values that deviate from expected lead creation patterns
- Unexpected privilege levels or role assignments associated with lead records
Detection Strategies
- Implement web application firewall (WAF) rules to detect requests with excessive or unexpected parameters to lead creation endpoints
- Enable detailed logging on the Flowise API to capture full request bodies for security analysis
- Monitor database activity for modifications to restricted fields through the lead creation pathway
- Deploy runtime application self-protection (RASP) solutions to detect mass assignment attempts
Monitoring Recommendations
- Review Flowise application logs for lead creation requests with unexpected parameter names
- Set up alerts for database field modifications that should not occur through standard lead creation
- Monitor for authentication bypass attempts combined with lead creation activity
- Regularly audit lead records for anomalous data patterns
How to Mitigate CVE-2026-30822
Immediate Actions Required
- Upgrade Flowise to version 3.0.13 or later immediately
- If immediate upgrade is not possible, implement network-level access controls to restrict access to the lead creation endpoint
- Enable authentication for all Flowise endpoints if not already configured
- Review existing lead records for signs of exploitation
Patch Information
FlowiseAI has addressed this vulnerability in Flowise version 3.0.13. The patch implements proper input validation and attribute whitelisting to prevent mass assignment attacks on the lead creation functionality. Users should upgrade to this version or later to remediate the vulnerability.
For patch details, see the Flowise 3.0.13 Release and the GitHub Security Advisory.
Workarounds
- Restrict network access to Flowise instances using firewall rules or network segmentation
- Implement a reverse proxy with request filtering to block requests containing unexpected parameters
- Enable authentication requirements for all API endpoints, particularly lead creation
- Temporarily disable lead creation functionality if not critical to operations until patching is complete
# Example: Restrict access to Flowise using iptables
# Allow only trusted IP ranges to access the Flowise port
iptables -A INPUT -p tcp --dport 3000 -s 10.0.0.0/8 -j ACCEPT
iptables -A INPUT -p tcp --dport 3000 -j DROP
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
