CVE-2025-58434 | FlowiseAI Flowise up to 3.0.5 forgot-password Endpoint missing authentication (GHSA-wgpv-6j63-x5ph)

A vulnerability, which was classified as critical, has been found in FlowiseAI Flowise up to 3.0.5. Affected by this vulnerability is an unknown functionality of the component forgot-password Endpoint. The manipulation leads to missing authentication.

This vulnerability is uniquely identified as CVE-2025-58434. The attack is possible to be carried out remotely. No exploit exists.

It is recommended to apply a patch to fix this issue.VulDB Recent EntriesRead More