Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed

The Flowise AI Agent Builder is actively being exploited due to a critical CVSS 10.0 remote code execution vulnerability (CVE-2025-59528), affecting over 12,000 exposed instances. This flaw allows attackers to execute arbitrary JavaScript code, leading to potential system compromise and data exfiltration.

Edward Kiledjian @ekiledjian