CVE-2026-46443
FlowiseAI Vulnerable to Credential Data Leak
Description
**Severity**: HIGH (CVSS ~7.5) **Type**: CWE-200 (Exposure of Sensitive Information) **File**: `packages/server/src/services/credentials/index.ts:62-71` **Description**: When credentials are fetched with a `credentialName` filter parameter, the `encryptedData` field is NOT stripped from the response. The code properly omits `encryptedData` when NO filter is used (line 102) but fails to do so when a filter IS used (lines 62-63, 70-71). Credential Data Leak **Evidence**: ```typescript // Lines 62-63: WITH filter - encryptedData LEAKED const credentials = await appServer.AppDataSource.getRepository(Credential).findBy(searchOptions) dbResponse.push(...credentials) // encryptedData NOT removed! // Lines 100-102: WITHOUT filter - encryptedData properly omitted for (const credential of credentials) { dbResponse.push(omit(credential, ['encryptedData'])) // Correctly omitted } ``` **Impact**: Authenticated users can extract encrypted credential data (API keys, passwords, tokens for services like OpenAI, AWS, etc.). Combined with access to the encryption key file (`~/.flowise/encryption.key` written with default permissions), this enables full credential theft. **Reproduction**: ```bash curl https://TARGET/api/v1/credentials?credentialName=openAIApi \ -H "Authorization: Bearer API_KEY" # Response includes encryptedData field with AES-encrypted credentials ```
How to fix CVE-2026-46443
To remediate CVE-2026-46443, upgrade the affected package to a fixed version below.
- —upgrade to 3.1.2 or later
Is CVE-2026-46443 being exploited?
No exploitation signal available. Neither CISA KEV nor a current EPSS score has been published for CVE-2026-46443.
Affected packages (1)
- from 0, < 3.1.2
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 4.0 | — | CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N |