CVE-2026-56276 Overview
CVE-2026-56276 is a mass assignment vulnerability in Flowise versions prior to 3.1.2. The flaw resides in the PUT /api/v1/user endpoint, which fails to validate or filter user-supplied fields before applying updates. Authenticated users can directly modify the credential field, including the stored password hash, without going through the password change workflow. This bypasses password change verification and session invalidation routines. Attackers who briefly compromise a session can supply a crafted password hash to establish persistent account access, even after the legitimate user changes credentials or terminates sessions. The vulnerability is tracked under [CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes].
Critical Impact
Authenticated attackers can overwrite stored password hashes to maintain persistent access to compromised Flowise accounts, defeating standard credential rotation and session revocation defenses.
Affected Products
- Flowise versions prior to 3.1.2
- FlowiseAI low-code LLM application builder deployments
- Self-hosted Flowise instances exposing the user management API
Discovery Timeline
- 2026-06-20 - CVE-2026-56276 published to NVD
- 2026-06-22 - Last updated in NVD database
Technical Details for CVE-2026-56276
Vulnerability Analysis
Flowise is an open-source low-code platform for building large language model (LLM) applications. The PUT /api/v1/user endpoint accepts a JSON body intended to update non-sensitive profile attributes. The handler binds the incoming request payload directly to the user object without an allowlist of mutable fields. Sensitive attributes, including the credential field that stores the password hash, are accepted and persisted.
An authenticated user can submit a request with an arbitrary credential value. The application writes the supplied hash to the user record. Because the update path is not the normal password reset flow, no session invalidation, audit logging, or current-password verification occurs.
Root Cause
The root cause is improperly controlled modification of dynamically-determined object attributes [CWE-915]. The endpoint lacks a server-side allowlist and treats the request body as a trusted property bag. Authentication-relevant fields such as credential are not segregated from profile fields, so any authenticated session can mutate them through the profile update route.
Attack Vector
Exploitation requires an authenticated session with low privileges. An attacker who obtains a session token through phishing, token theft, or temporary device access sends a crafted PUT /api/v1/user request containing a credential field set to a hash of an attacker-chosen password. The server overwrites the stored hash. The attacker then authenticates with the chosen password at any time, surviving the victim's subsequent password change or logout. The attack does not require user interaction or elevated privileges. See the GitHub Security Advisory and VulnCheck Advisory for full technical detail.
Detection Methods for CVE-2026-56276
Indicators of Compromise
- Unexpected PUT /api/v1/user requests containing a credential or password hash field in the JSON body.
- User records where the credential value changes outside of the documented password reset workflow.
- Successful logins from new IPs or user agents immediately following a profile update event.
Detection Strategies
- Inspect application and reverse proxy logs for PUT /api/v1/user payloads that include sensitive keys such as credential, password, role, or id.
- Correlate user profile update events with subsequent authentication attempts to identify hash-override followed by attacker login.
- Audit the Flowise database for password hash changes lacking a corresponding password-reset audit entry.
Monitoring Recommendations
- Enable verbose HTTP request logging at the application or WAF layer for the /api/v1/user route, capturing request bodies where compliant.
- Alert on any modification to the credential column originating from a path other than the password reset handler.
- Track session activity for accounts that experienced profile updates within the prior 24 hours.
How to Mitigate CVE-2026-56276
Immediate Actions Required
- Upgrade Flowise to version 3.1.2 or later across all environments.
- Force a password reset and revoke all active sessions for every Flowise user account after upgrade.
- Review audit logs for prior PUT /api/v1/user calls containing credential and investigate any matching accounts.
Patch Information
Flowise 3.1.2 introduces a server-side allowlist for the PUT /api/v1/user endpoint, rejecting updates to credential and other authentication-sensitive fields. Apply the upgrade using the official release artifacts referenced in the GitHub Security Advisory GHSA-59fh-9f3p-7m39.
Workarounds
- Place a reverse proxy or web application firewall rule in front of Flowise that blocks PUT /api/v1/user requests containing the credential key until patching is complete.
- Restrict network access to the Flowise management API to trusted administrators and internal networks only.
- Rotate all user passwords and any associated API keys following remediation to invalidate attacker-planted hashes.
# Example NGINX rule to block credential field in user update requests
location /api/v1/user {
if ($request_method = PUT) {
access_by_lua_block {
ngx.req.read_body()
local body = ngx.req.get_body_data() or ""
if string.find(body, '"credential"') then
ngx.exit(403)
end
}
}
proxy_pass http://flowise_backend;
}
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

