CYBERHAWK / CVE / CVE-2026-46440

CVE-2026-46440

CRITICAL CVSS 9.1 other

The flaw

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, the checkBasicAuth endpoint validates credentials in plaintext without rate limiting and with direct comparison. This issue has

What to do

Review advisory and patch per vendor guidance.

▸ Scan my repo for CVE-2026-46440

References

NVD CISA KEV OSV GitHub Advisory MITRE News search

First seen 2026-06-12 · Tracked by PickBits CyberHawk · Weekly CVE digest

← All CVEs RSS Scheduled audits