CVE-2026-46444
FlowiseAI: Vector Store No Permission Checks
Description
### FINDING 4: OpenAI Assistants Vector Store - No Auth on CRUD Operations **Severity**: HIGH (CVSS ~8.1) **Type**: CWE-306 (Missing Authentication for Critical Function) **File**: `packages/server/src/routes/openai-assistants-vector-store/index.ts` **Description**: ALL CRUD endpoints for OpenAI Assistants Vector Store have no authentication middleware AND the route path `/api/v1/openai-assistants-vector-store` is NOT in `WHITELIST_URLS`. However, it is also NOT protected by the main auth middleware when accessed via API key — the route requires API key auth (not whitelisted), but NO permission checks exist on any operation. The real issue is that the routes have no `checkAnyPermission()` middleware, meaning any authenticated user regardless of role can: - Create vector stores - Upload files to vector stores - Delete vector stores and files - Modify any vector store **Evidence**: ```typescript // No permission middleware on any route router.post('/', controller.createAssistantVectorStore) // No permission check router.put(['/', '/:id'], controller.updateAssistantVectorStore) // No permission check router.delete(['/', '/:id'], controller.deleteAssistantVectorStore) // No permission check router.post('/:id', getMulterStorage().array('files'), controller.uploadFilesToAssistantVectorStore) // No permission check ``` **Impact**: Any authenticated user can manipulate OpenAI vector stores, upload malicious files, delete data, or exfiltrate stored documents regardless of their assigned permissions.
How to fix CVE-2026-46444
To remediate CVE-2026-46444, upgrade the affected package to a fixed version below.
- —upgrade to 3.1.2 or later
Is CVE-2026-46444 being exploited?
No exploitation signal available. Neither CISA KEV nor a current EPSS score has been published for CVE-2026-46444.
Affected packages (1)
- from 0, < 3.1.2