Advisory

Critical FlowiseAI password reset flaw exposes accounts to complete takeover

Take action: THIS ONE IS URGENT AND IMPORTANT! Immediately upgrade to FlowiseAI 3.0.6 or later, because all your user accounts are exposed to account takeover. If you can't upgrade right away, disable public access to the /api/v1/account/forgot-password endpoint until you can patch.


Learn More

FlowiseAI, an open-source artificial intelligence workflow automation platform, is reporting a critical security vulnerability that enables unauthenticated attackers to compromise user accounts with minimal effort. The vulnerability affects both the cloud-hosted service and self-hosted deployments.

The flaw is tracked as CVE-2025-58434 (CVSS score 9.8) and lies in the password reset mechanism behind the /api/v1/account/forgot-password endpoint. Instead of following secure practice, where the password reset token is delivered only to the account holder's email address, the vulnerable API returns sensitive user data directly in the HTTP response: the user ID, name, email address, hashed credentials, account status, timestamps, and a valid password reset token (tempToken) together with its expiry time. Anyone who knows a user's email address can therefore obtain that user's reset token without ever touching the mailbox.

An attacker needs to execute just two HTTP requests: first, a POST request to the forgot-password endpoint with the target's email address, and second, a POST request to the reset-password endpoint using the exposed token to set a new password.
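Two defender-side checks for the behaviour described above, added here as an example and not code from FlowiseAI or the advisory: leaked_fields() inspects the JSON body that the forgot-password endpoint returns for one of your own test accounts and lists the sensitive keys it should never contain, and find_reset_chains() scans web-server access logs for a client that calls forgot-password and then reset-password within seconds, which is the signature of the two-request takeover. The reset endpoint path /api/v1/account/reset-password, the response field names other than tempToken, and the log lines are assumptions constructed for the example.

```python
"""Defender-side checks for CVE-2025-58434 (FlowiseAI forgot-password token leak).

Neither check performs an account takeover: one inspects a response body you
already hold, the other reads access logs.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta

FORGOT_PATH = "/api/v1/account/forgot-password"
# Assumption: the reset endpoint sits beside the forgot-password one.
RESET_PATH = "/api/v1/account/reset-password"

# Keys a forgot-password response must never contain. "tempToken" is the name
# the advisory uses; the other names are assumed for illustration.
SENSITIVE_KEYS = {
    "id", "email", "credential", "password", "status",
    "createdDate", "updatedDate", "tempToken", "tokenExpiry",
}

# Constructed sample bodies: what a vulnerable instance leaks vs. a safe reply.
VULNERABLE_RESPONSE = {
    "id": "0f1e2d3c", "name": "Alice", "email": "alice@example.com",
    "credential": "$2b$10$constructedhashconstructedhash",
    "status": "active", "createdDate": "2025-08-01T10:00:00Z",
    "updatedDate": "2025-08-01T10:00:00Z",
    "tempToken": "constructed-reset-token", "tokenExpiry": "2025-09-02T15:03:11Z",
}
SAFE_RESPONSE = {"message": "If that address exists, a reset link has been sent."}


def leaked_fields(body):
    """Return, sorted, every sensitive key found anywhere in a JSON response body."""
    found, stack = set(), [body]
    while stack:
        obj = stack.pop()
        if isinstance(obj, dict):
            for key, value in obj.items():
                if key in SENSITIVE_KEYS:
                    found.add(key)
                stack.append(value)
        elif isinstance(obj, list):
            stack.extend(obj)
    return sorted(found)


# Combined/common log format, e.g. from nginx or Apache in front of Flowise.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)


def parse_line(line):
    """Parse one access-log line into (ip, timestamp, method, path, status) or None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return m["ip"], ts, m["method"], m["path"].split("?", 1)[0], int(m["status"])


def find_reset_chains(lines, window_seconds=60):
    """Flag clients that POST forgot-password and then reset-password within the window.

    A legitimate user has to wait for an email and open it; an attacker holding the
    leaked tempToken needs only seconds. Returns (ip, t_forgot, t_reset, delta_seconds).
    """
    events = defaultdict(list)
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue
        ip, ts, method, path, status = parsed
        if method == "POST" and path in (FORGOT_PATH, RESET_PATH):
            events[ip].append((ts, path, status))
    window = timedelta(seconds=window_seconds)
    hits = []
    for ip, evs in events.items():
        evs.sort()
        for i, (ts, path, status) in enumerate(evs):
            if path != FORGOT_PATH or status != 200:
                continue
            for ts2, path2, status2 in evs[i + 1:]:
                if ts2 - ts > window:
                    break
                if path2 == RESET_PATH and status2 == 200:
                    hits.append((ip, ts, ts2, int((ts2 - ts).total_seconds())))
                    break
    return hits


# Constructed log lines: an attack pair 3 s apart and a normal reset 15 min later.
SAMPLE_LOG = [
    '203.0.113.7 - - [02/Sep/2025:14:03:11 +0000] "POST /api/v1/account/forgot-password HTTP/1.1" 200 512',
    '203.0.113.7 - - [02/Sep/2025:14:03:14 +0000] "POST /api/v1/account/reset-password HTTP/1.1" 200 88',
    '198.51.100.4 - - [02/Sep/2025:14:05:00 +0000] "GET /api/v1/chatflows HTTP/1.1" 200 2048',
    '198.51.100.4 - - [02/Sep/2025:14:05:30 +0000] "POST /api/v1/account/forgot-password HTTP/1.1" 200 512',
    '198.51.100.4 - - [02/Sep/2025:14:20:30 +0000] "POST /api/v1/account/reset-password HTTP/1.1" 200 88',
    'this line is not in combined log format',
]

if __name__ == "__main__":
    print("leaked by vulnerable body:", leaked_fields(VULNERABLE_RESPONSE))
    print("leaked by safe body:", leaked_fields(SAFE_RESPONSE))
    for ip, t1, t2, delta in find_reset_chains(SAMPLE_LOG):
        print(f"suspicious reset chain from {ip}: forgot at {t1}, reset {delta}s later")
```

The 60-second window is a heuristic; tune it to how quickly your users actually act on reset emails, and treat any client that chains the two calls faster than a mail round-trip as a candidate for credential revocation and session invalidation. The response check is the one to run against a staging instance before and after upgrading: a patched build should return nothing from SENSITIVE_KEYS.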

FlowiseAI versions 3.0.5 and earlier are vulnerable. The flaw affects both the cloud service at cloud.flowiseai.com and any self-hosted or local FlowiseAI deployment that exposes the same API endpoints. It is not clear whether, or when, the cloud service was patched.

FlowiseAI has addressed this vulnerability in version 3.0.6.

Organizations using FlowiseAI should immediately upgrade to version 3.0.6 or later. As an interim mitigation for those unable to upgrade immediately, administrators should disable public access to the vulnerable /api/v1/account/forgot-password endpoint.
