{"id":232697,"date":"2026-04-08T08:25:00","date_gmt":"2026-04-08T12:25:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/04\/08\/hackers-exploit-a-critical-flowise-flaw-affecting-thousands-of-ai-workflows\/"},"modified":"2026-04-08T20:06:52","modified_gmt":"2026-04-09T00:06:52","slug":"hackers-exploit-a-critical-flowise-flaw-affecting-thousands-of-ai-workflows","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/04\/08\/hackers-exploit-a-critical-flowise-flaw-affecting-thousands-of-ai-workflows\/","title":{"rendered":"Hackers exploit a critical Flowise flaw affecting thousands of AI workflows"},"content":{"rendered":"<p><a href=\"https:\/\/www.csoonline.com\/article\/4155680\/hackers-exploit-a-critical-flowise-flaw-affecting-thousands-of-ai-workflows.html\">Hackers exploit a critical Flowise flaw affecting thousands of AI workflows<\/a><\/p>\n<p><a href=\"https:\/\/www.csoonline.com\/article\/4155680\/hackers-exploit-a-critical-flowise-flaw-affecting-thousands-of-ai-workflows.html\">https:\/\/www.csoonline.com\/article\/4155680\/hackers-exploit-a-critical-flowise-flaw-affecting-thousands-of-ai-workflows.html<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-04-08 08:25:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.csoonline.com\">www.csoonline.com<\/a><\/p>\n<h2 class=\"wp-block-heading\">Hackers exploit unpatched instances<\/h2>\n<p>While a patch has been available for months, a recent VulnCheck finding places the first in-the-wild exploitation on April 6. Caitlin Condon, VP of Security Research at the vulnerability intelligence company, warned of the abuse through a LinkedIn post.<\/p>\n<p>\u201cEarly this morning, VulnCheck\u2019s Canary network began detecting first-time exploitation of CVE-2025-59528, an arbitrary JavaScript code injection vulnerability in Flowise,\u201d she wrote. \u201cObserved activity so far originates from a single Starlink IP.\u201d Around 12000 to 15000 instances remained exposed at the time, she noted in her post, although it is unclear how many of them were running a vulnerable Flowise version.<\/p>\n<p>Condon added two more critical Flowise vulnerabilities, a missing authentication (CVE-2025-8943) and an arbitrary file upload (CVE-2025-26319), in the post that she said were also flagged against active exploitation by the Canary network. Exclusive exploitation details, including full payload and request data, were promised to the Canary Intelligence customers. Additionally, an exploit, PCAP, YARA rule, network signatures, and target Docker container have been available to its Initial Access Intelligence customers.<\/p>\n<p><a href=\"https:\/\/www.csoonline.com\/article\/4155680\/hackers-exploit-a-critical-flowise-flaw-affecting-thousands-of-ai-workflows.html\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Hackers exploit a critical Flowise flaw affecting thousands of AI workflows https:\/\/www.csoonline.com\/article\/4155680\/hackers-exploit-a-critical-flowise-flaw-affecting-thousands-of-ai-workflows.html Publish Date: 2026-04-08&#8230;<\/p>\n","protected":false},"author":1,"featured_media":232698,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/www.csoonline.com\/wp-content\/uploads\/2026\/04\/4155680-0-59164700-1775651083-shutterstock_2270845563.jpg?quality=50&strip=all&w=1024","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,31,27],"class_list":["post-232697","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-exploit","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/232697"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=232697"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/232697\/revisions"}],"predecessor-version":[{"id":232699,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/232697\/revisions\/232699"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/232698"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=232697"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=232697"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=232697"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}