CVE-2026-41275
Published: 23 April 2026
Summary
CVE-2026-41275 is a high-severity Cleartext Transmission of Sensitive Information (CWE-319) vulnerability in Flowiseai Flowise. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Adversary-in-the-Middle (T1557); ranked at the 5.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
This vulnerability is AI-related — categorised as Other AI Platforms.
The strongest mitigations our analysis identified are NIST 800-53 SC-8 (Transmission Confidentiality and Integrity) and SI-2 (Flaw Remediation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Requires cryptographic protection of transmitted sensitive information such as password reset links to prevent man-in-the-middle interception over unsecured HTTP.
Mandates timely flaw remediation including patching Flowise to version 3.1.0 which enforces HTTPS for password reset links.
Requires management and protection of authenticators like password reset tokens during transmission to commensurate with their sensitivity, addressing insecure HTTP delivery.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
The vulnerability's cleartext HTTP transmission of password reset tokens directly enables man-in-the-middle interception attacks on the same network (e.g., public Wi-Fi) to capture the token and perform account takeover.
NVD Description
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the password reset functionality on cloud.flowiseai.com sends a reset password link over the unsecured HTTP protocol instead of HTTPS. This behavior…
more
introduces the risk of a man-in-the-middle (MITM) attack, where an attacker on the same network as the user (e.g., public Wi-Fi) can intercept the reset link and gain unauthorized access to the victim’s account. This vulnerability is fixed in 3.1.0.
Deeper analysisAI
CVE-2026-41275 affects Flowise, an open-source drag-and-drop user interface for building customized large language model (LLM) flows. In versions prior to 3.1.0, the password reset functionality on cloud.flowiseai.com transmits reset links over unsecured HTTP rather than HTTPS, violating secure communication practices as defined by CWE-319 (Cleartext Transmission of Sensitive Information). This flaw exposes sensitive reset tokens to interception, with a CVSS v3.1 base score of 7.5 (AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H), indicating high confidentiality, integrity, and availability impacts under specific conditions.
An attacker can exploit this vulnerability via a man-in-the-middle (MITM) attack when positioned on the same network as the victim, such as public Wi-Fi. The scenario requires the user to initiate a password reset (user interaction), after which the attacker intercepts the HTTP-transmitted reset link containing the token. Successful interception allows the attacker to access the link, complete the reset process, and gain unauthorized control of the victim's Flowise account, potentially compromising LLM workflows or associated data.
The Flowise security advisory (GHSA-x5w6-38gp-mrqh) and associated HackerOne report detail the issue and confirm mitigation by upgrading to version 3.1.0, which enforces HTTPS for password reset links. No additional workarounds are specified, emphasizing the need for immediate patching on cloud.flowiseai.com deployments.
Flowise's focus on LLM orchestration introduces AI/ML relevance, as account compromise could enable attackers to manipulate or exfiltrate custom model flows, though no public evidence of real-world exploitation exists as of the CVE publication on 2026-04-23.
Details
- CWE(s)
Affected Products
AI Security AnalysisAI
- AI Category
- Other AI Platforms
- Risk Domain
- N/A
- OWASP Top 10 for LLMs 2025
- None mapped
- Classification Reason
- Matched keywords: large language model