Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed

Threat actors are exploiting a maximum-severity security flaw in Flowise, an open-source artificial intelligence (AI) platform, according to new findings from VulnCheck.
The vulnerability in question is CVE-2025-59528 (CVSS score: 10.0), a code injection vulnerability that could result in remote code execution.
“The CustomMCP node allows users to input configuration settings for connecting

Source

What's Hot

Critical Nginx-ui MCP Flaw Actively Exploited in the Wild

China-Linked Storm-1175 Exploits Zero-Days to Rapidly Deploy Medusa Ransomware

Researchers Spot Surge in Brute-Force Attacks from Middle East

Critical Nginx-ui MCP Flaw Actively Exploited in the Wild

China-Linked Storm-1175 Exploits Zero-Days to Rapidly Deploy Medusa Ransomware

Researchers Spot Surge in Brute-Force Attacks from Middle East

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

macOS Stealer Campaign Uses “Cracked” App Lures to Bypass Apple Securi

Why SOC Burnout Can Be Avoided: Practical Steps

Cyber M&A Roundup: Cyber Giants Strengthen AI Security Offerings

Why the Identity Security Fabric is Essential for Securing AI and Non-Human Identities

Most Popular

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

macOS Stealer Campaign Uses “Cracked” App Lures to Bypass Apple Securi

Why SOC Burnout Can Be Avoided: Practical Steps

Our Picks

How to help older family members avoid scams

‘What happens online stays online’ and other cyberbullying myths, debunked

What it is and how to protect yourself

Subscribe to Updates

What's Hot

Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed

Related Posts

Subscribe to Updates