VIR Vulnerability Intelligence Relay

Package impact

npm npm / flowise-components

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-43995 critical 9.8 9.8 17d ago Flowise: SSRF Protection Bypass via Direct node-fetch / axios Usage (Patch Enforcement Failure)
CVE-2026-41274 critical 9.8 9.8 1mo ago Flowise: Cypher Injection in GraphCypherQAChain