CVE-2026-46443: FlowiseAI Vulnerable to Credential Data Leak

May 14, 2026 (updated June 9, 2026)

Severity: HIGH (CVSS ~7.5) Type: CWE-200 (Exposure of Sensitive Information) File: packages/server/src/services/credentials/index.ts:62-71

Description: When credentials are fetched with a credentialName filter parameter, the encryptedData field is NOT stripped from the response. The code properly omits encryptedData when NO filter is used (line 102) but fails to do so when a filter IS used (lines 62-63, 70-71). Credential Data Leak Evidence:

// Lines 62-63: WITH filter - encryptedData LEAKED
const credentials = await appServer.AppDataSource.getRepository(Credential).findBy(searchOptions)
dbResponse.push(...credentials)  // encryptedData NOT removed!

// Lines 100-102: WITHOUT filter - encryptedData properly omitted
for (const credential of credentials) {
dbResponse.push(omit(credential, ['encryptedData']))  // Correctly omitted
}

Impact: Authenticated users can extract encrypted credential data (API keys, passwords, tokens for services like OpenAI, AWS, etc.). Combined with access to the encryption key file (~/.flowise/encryption.key written with default permissions), this enables full credential theft.

Reproduction:

curl https://TARGET/api/v1/credentials?credentialName=openAIApi \
-H "Authorization: Bearer API_KEY"

References

Code Behaviors & Features

Detect and mitigate CVE-2026-46443 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →