CVE-2026-43995— Flowise: SSRF Protection Bypass via Direct node-fetch / axios Usage (Patch Enforcement Failure)

EPSS 0.04% · P12 Updated May 15, 2026

Affected Version Matrix 1

Vendor	Product	Version Range	Status
FlowiseAI	Flowise	`< 3.1.0`	affected

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-43995

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Flowise: SSRF Protection Bypass via Direct node-fetch / axios Usage (Patch Enforcement Failure)

Source: NVD (National Vulnerability Database)

Vulnerability Description

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, multiple tool implementations directly import and invoke raw HTTP clients (node-fetch, axios) instead of using the secured wrapper. These tools include (1) OpenAPIToolkit/OpenAPIToolkit.ts, (2) WebScraperTool/WebScraperTool.ts, (3) MCP/core.ts, and (4) Arxiv/core.ts. This vulnerability is fixed in 3.1.0.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

服务端请求伪造(SSRF)

Source: NVD (National Vulnerability Database)

Vulnerability Title

Flowise 代码问题漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Flowise是FlowiseAI开源的一个用于轻松构建 LLM 应用程序的工具。 Flowise 3.1.0之前版本存在代码问题漏洞，该漏洞源于多个工具实现直接导入并调用原始HTTP客户端而非使用安全包装器，可能导致安全风险。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
FlowiseAI	Flowise	< 3.1.0	-

II. Public POCs for CVE-2026-43995

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2026-43995

请登录查看更多情报信息。

IV. Related Vulnerabilities

Same product: Flowise

Same vendor: FlowiseAI

Same weakness: CWE-918

V. Comments for CVE-2026-43995

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2026-43995— Flowise: SSRF Protection Bypass via Direct node-fetch / axios Usage (Patch Enforcement Failure)

Affected Version Matrix 1

I. Basic Information for CVE-2026-43995

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2026-43995

III. Intelligence Information for CVE-2026-43995

IV. Related Vulnerabilities

V. Comments for CVE-2026-43995

Leave a comment