CVE-2026-46480: FlowiseAI: Evaluator create+update mass-assignment allows cross-workspace evaluator takeover
(updated )
Type: Mass assignment via Object.assign(entity, body) -> client-controlled workspaceId (and on create, id) overwritten on the Evaluator entity -> cross-workspace data takeover and IDOR.
File: packages/server/src/Interface.Evaluation.ts
Root cause: The Evaluator controller/service constructs a new Evaluator() and copies the request body into it via Object.assign(...) without an explicit field allowlist. The request body therefore can include workspaceId, id, createdDate, updatedDate. The server only rebinds some of these after the assign (e.g. on create, it overwrites workspaceId but not id; on update, it overwrites id but not workspaceId). The remaining client-controlled values land directly on the persisted row, breaking workspace isolation. Same root pattern as the evaluator entity’s sibling controllers and as DocumentStore before it was patched in commit 840d2ae.
References
- github.com/FlowiseAI/Flowise/commit/dc07f4062b852033554543a3cff3daf3433b0dac
- github.com/FlowiseAI/Flowise/pull/6050
- github.com/FlowiseAI/Flowise/releases/tag/flowise%403.1.2
- github.com/FlowiseAI/Flowise/security/advisories/GHSA-wxrr-jp8m-qq7f
- github.com/advisories/GHSA-wxrr-jp8m-qq7f
- nvd.nist.gov/vuln/detail/CVE-2026-46480
Code Behaviors & Features
Detect and mitigate CVE-2026-46480 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →