{"id":7691,"date":"2026-04-07T06:12:19","date_gmt":"2026-04-07T06:12:19","guid":{"rendered":"https:\/\/news.cybertechworld.co.in\/index.php\/2026\/04\/07\/flowise-ai-agent-builder-under-active-cvss-10-0-rce-exploitation-12000-instances-exposed\/"},"modified":"2026-04-07T06:12:19","modified_gmt":"2026-04-07T06:12:19","slug":"flowise-ai-agent-builder-under-active-cvss-10-0-rce-exploitation-12000-instances-exposed","status":"publish","type":"post","link":"https:\/\/news.cybertechworld.co.in\/index.php\/2026\/04\/07\/flowise-ai-agent-builder-under-active-cvss-10-0-rce-exploitation-12000-instances-exposed\/","title":{"rendered":"Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed"},"content":{"rendered":"

\u200bThreat actors are exploiting a maximum-severity security flaw in Flowise, an open-source artificial intelligence (AI) platform, according to new findings from VulnCheck.
\nThe vulnerability in question\u00a0is CVE-2025-59528 (CVSS score: 10.0), a code injection vulnerability that could result in remote code execution.
\n“The CustomMCP node allows users to input configuration settings for connecting\u00a0Threat actors are exploiting a maximum-severity security flaw in Flowise, an open-source artificial intelligence (AI) platform, according to new findings from VulnCheck.
\nThe vulnerability in question\u00a0is CVE-2025-59528 (CVSS score: 10.0), a code injection vulnerability that could result in remote code execution.
\n“The CustomMCP node allows users to input configuration settings for connecting\u00a0\u00a0The Hacker News<\/p>","protected":false},"excerpt":{"rendered":"

\u200bThreat actors are exploiting a maximum-severity security flaw in Flowise, an open-source artificial intelligence (AI) platform, according to new findings from VulnCheck. The vulnerability in question\u00a0is CVE-2025-59528 (CVSS score: 10.0), a code injection vulnerability that could result in remote code execution. “The CustomMCP node allows users to input configuration settings for connecting\u00a0Threat actors are exploiting… Read More »Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed<\/span><\/a><\/p>\n","protected":false},"author":0,"featured_media":7692,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"neve_meta_sidebar":"","neve_meta_container":"","neve_meta_enable_content_width":"","neve_meta_content_width":0,"neve_meta_title_alignment":"","neve_meta_author_avatar":"","neve_post_elements_order":"","neve_meta_disable_header":"","neve_meta_disable_footer":"","neve_meta_disable_title":"","_themeisle_gutenberg_block_has_review":false,"footnotes":""},"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/posts\/7691"}],"collection":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/comments?post=7691"}],"version-history":[{"count":0,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/posts\/7691\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/media\/7692"}],"wp:attachment":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/media?parent=7691"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/categories?post=7691"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/tags?post=7691"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}