Threat actors are exploiting a maximum-severity security flaw in Flowise, an open-source artificial intelligence (AI) platform, according to new findings from VulnCheck.The vulnerability in question is CVE-2025-59528 (CVSS score: 10.0), a code injection vulnerability that could result in remote code execution.”The CustomMCP node allows users to input configuration settings for connecting
First seen on thehackernews.com
Jump to article: thehackernews.com/2026/04/flowise-ai-agent-builder-under-active.html
