Flowise Cloud Cross-Tenant Sensitive Data Exposure Vulnerability

A critical vulnerability in Flowise Cloud, affecting users on the free tier, allows access to sensitive environment variables from other tenants. This issue arises in the Custom JavaScript Function node, where the execution context is improperly populated with variables from all workspaces, rather than just the current one. As a result, users can extract confidential information such as OpenAI API keys, AWS credentials, Supabase tokens, and Google Cloud secrets, leading to full cross-tenant data exposure. The vulnerability has been patched in the August 2025 update.

Impact

Exploitation of this vulnerability results in unauthorized access to sensitive environment variables from other tenants, including API keys and credentials for various services. This could lead to credential leakage, abuse of paid third-party APIs, access to internal database URIs, and potential lateral movement or compromise of user data.

Reproduction

To reproduce this vulnerability, create a free-tier Flowise Cloud account. Then, send a POST request to the '/api/v1/node-custom-function' endpoint with a payload that includes a JavaScript function designed to extract environment variable names from the '$vars' object. The response will contain a list of variable names, including sensitive credentials from other tenants.

Remediation

Users are advised to update to the patched version of Flowise Cloud, available as of August 2025, and to revoke any leaked credentials that may have been exposed due to this vulnerability.