CVE-2026-41279 | FlowiseAI Flowise up to 3.0.x generate authorization (GHSA-5fw2-mwhh-9947)

Inserito da Angelo Barbosa | Apr 23, 2026 | CVE

A vulnerability labeled as problematic has been found in FlowiseAI Flowise up to 3.0.x. The affected element is an unknown function of the file /api/v1/text-to-speech/generate. Such manipulation leads to authorization bypass.

This vulnerability is uniquely identified as CVE-2026-41279. The attack can be launched remotely. No exploit exists.

The affected component should be upgraded.

CVE-2026-41279 | FlowiseAI Flowise up to 3.0.x generate authorization (GHSA-5fw2-mwhh-9947)

Post correlati

CVE-2024-28122 | lestrrat-go jwx up to 1.2.28/2.0.20 resource consumption (GHSA-hj3v-m684-v259)

CVE-2026-34200 | Nhost up to 1.40.x missing authentication

CVE-2023-50333 | Mattermost up to 8.1.6/9.2.2 Guest Demotion access control

CVE-2025-55283 | aiven aiven-db-migrate up to 1.0.6 command injection