Acritical vulnerabilityin FlowiseAI has been discovered that allows attackers to take over user accounts with minimal effort. The flaw, tracked as CVE-2025-58434, affects both cloud-hosted and self-hosted FlowiseAI deployments, posing significant risks to organizations using this AI workflow automation platform. CVE Number Affected Product Vulnerability Type CVSS 3.1 Score CVE-2025-58434 FlowiseAI (npm package flowise) Unauthenticated Password […] The post FlowiseAI Password Reset Token Vulnerability Enables Account Takeover appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/flowiseai-password-reset-token-vulnerability/
