CVE-2025-59528
Flowise · Flowise (multiple affected versions)
A critical remote code execution vulnerability has been identified in Flowise, assigned CVE-2025-59528 with a maximum CVSS score of 10.0.
Executive summary
A critical remote code execution vulnerability has been identified in Flowise, the open-source drag-and-drop builder for LLM applications, and assigned CVE-2025-59528 with a maximum CVSS score of 10.0. The flaw lets an unauthenticated attacker take complete control of an affected server over the network, with data theft, service disruption and further compromise of the surrounding network as likely follow-on effects. Immediate patching is required.
Vulnerability
The vulnerability lies in the "CustomMCP" node of Flowise. The node takes a server configuration string supplied by the user and, instead of parsing it strictly as JSON, evaluates it as JavaScript so that loosely formatted input is accepted. Whatever an attacker places in that string therefore executes inside the Flowise Node.js process, and from there Node's child_process module provides arbitrary operating system commands with the privileges of the Flowise service account. An unauthenticated remote attacker only needs to submit a crafted configuration to the CustomMCP node; no user interaction is required.
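The pattern behind the flaw, shown as an added illustration rather than Flowise's own code: a "tolerant" config parser built on Function() is an eval sink, and a strict JSON parser with a shape check removes it. The function names, the allowed keys and the payload are hypothetical; the payload sets a marker instead of running a command so that the example is safe to execute.

```javascript
// Added example: evaluating a user-supplied "config string" as code versus
// parsing it strictly. Not code from the Flowise project; names are hypothetical.

// Weak pattern: accept JSON-ish input (unquoted keys, trailing commas, comments)
// by compiling it as JavaScript. Function() is the same sink as eval(): the
// caller's text runs in this process with the service account's privileges.
function parseConfigUnsafe(input) {
  return Function('"use strict"; return (' + input + ')')();
}

// Hardened pattern: only real JSON is accepted, and the object is checked
// against an allow-list of keys and value types before it is used to start
// an MCP server process.
const ALLOWED_KEYS = new Set(['command', 'args', 'env']);

function parseConfigStrict(input) {
  let parsed;
  try {
    parsed = JSON.parse(input);
  } catch (e) {
    throw new Error('config is not valid JSON');
  }
  if (typeof parsed !== 'object' || parsed === null || Array.isArray(parsed)) {
    throw new Error('config must be a JSON object');
  }
  for (const key of Object.keys(parsed)) {
    if (!ALLOWED_KEYS.has(key)) throw new Error('unexpected key: ' + key);
  }
  if (typeof parsed.command !== 'string' || parsed.command.length === 0) {
    throw new Error('command must be a non-empty string');
  }
  if (parsed.args !== undefined &&
      !(Array.isArray(parsed.args) && parsed.args.every((a) => typeof a === 'string'))) {
    throw new Error('args must be an array of strings');
  }
  if (parsed.env !== undefined &&
      !(typeof parsed.env === 'object' && parsed.env !== null && !Array.isArray(parsed.env) &&
        Object.values(parsed.env).every((v) => typeof v === 'string'))) {
    throw new Error('env must map strings to strings');
  }
  return parsed;
}

// Constructed payload: it looks like a config object, but the "command" value is
// a comma expression with a side effect. A real attacker would put
// require('child_process').execSync(...) there; this one only flips a marker.
globalThis.__attackerCodeRan = false;
const PAYLOAD = '{"command": (globalThis.__attackerCodeRan = true, "npx"), "args": []}';
const BENIGN = '{"command": "npx", "args": ["-y", "some-mcp-server"]}';

// Runs both parsers over the payload and a benign config and reports what happened.
function demo() {
  globalThis.__attackerCodeRan = false;
  const unsafe = parseConfigUnsafe(PAYLOAD);
  const ranAttackerCode = globalThis.__attackerCodeRan;
  let strictRejected = false;
  try {
    parseConfigStrict(PAYLOAD);
  } catch (e) {
    strictRejected = true;
  }
  const benign = parseConfigStrict(BENIGN);
  return {
    unsafeCommand: unsafe.command,
    ranAttackerCode,
    strictRejected,
    benignCommand: benign.command,
  };
}
```

The unsafe parser returns a perfectly plausible config object, which is why this class of bug survives casual testing: the attacker's code has already run by the time the result is inspected. The strict parser rejects the same input as malformed JSON before any evaluation takes place.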
Business impact
This vulnerability carries a CVSS score of 10.0, the highest possible rating. Successful exploitation gives an attacker full control of the affected server. Consequences include theft of the data and prompts flowing through the deployed LLM applications and of the model-provider and tool credentials the Flowise instance stores, deployment of ransomware, complete disruption of service, and use of the compromised host as a pivot into the internal network. The potential for reputational damage, financial loss and regulatory penalties is correspondingly high.
Remediation
Immediate Action:
- Immediately apply the security updates provided by the vendor. Update all Flowise instances to the latest patched version, and confirm that each deployed version is at or above the first fixed release named in the vendor's advisory.
- After patching, review system and application access logs for any signs of compromise that may have occurred prior to the update.
- Monitor for any unusual or ongoing exploitation attempts against the application.
Proactive Monitoring:
- Log Analysis: Scrutinize application logs for anomalous inputs or errors related to the "CustomMCP" node. Monitor server logs for unexpected processes being spawned by the Flowise service (e.g., sh, bash, cmd.exe, powershell.exe).
- Network Traffic: Monitor for unusual outbound connections from Flowise servers to unknown IP addresses, which could indicate a reverse shell or data exfiltration.
- File Integrity Monitoring: Implement checks for unexpected file creation, modification, or deletion in the application's directories and system directories.
Compensating Controls:
- Network Segmentation: Restrict access to the Flowise application interface at the network level, allowing connections only from trusted IP addresses.
- Web Application Firewall (WAF): Deploy a WAF with rules designed to detect and block common command injection patterns in web requests.
- Principle of Least Privilege: Run the Flowise application with the lowest possible user privileges to limit the impact of a potential compromise. If possible, run the application in a sandboxed or containerized environment with strict egress filtering rules.
Exploitation status
Public Exploit Available: false
Analyst recommendation
Given the critical severity of this vulnerability, organizations must treat it as an emergency. The highest priority is to apply the vendor-provided patches to all affected systems without delay. Although CVE-2025-59528 is not currently listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, a 10.0 CVSS score for an unauthenticated, network-reachable code execution flaw in a product that commonly holds model-provider credentials makes it a prime target, and KEV listing tends to lag real-world exploitation. If immediate patching is not feasible, the compensating controls outlined above must be implemented as a temporary measure to reduce the risk of compromise.