Critical severityNVD Advisory· Published Oct 17, 2025· Updated Oct 17, 2025
CVE-2025-57164
CVE-2025-57164
Description
Flowise through v3.0.4 is vulnerable to remote code execution via unsanitized evaluation of user input in the "Supabase RPC Filter" field.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
flowisenpm | >= 3.0.5, < 3.0.6 | 3.0.6 |
Affected products
2- Flowise/Flowisedescription
Patches
Vulnerability mechanics
References
6- github.com/advisories/GHSA-7944-7c6r-55vvghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2025-57164ghsaADVISORY
- github.com/FlowiseAI/Flowise/blob/flowise%403.0.5/packages/components/nodes/vectorstores/Supabase/Supabase.tsghsaWEB
- github.com/FlowiseAI/Flowise/blob/main/packages/components/nodes/vectorstores/Supabase/Supabase.tsghsaWEB
- github.com/FlowiseAI/Flowise/releases/tag/flowise%403.0.6ghsaWEB
- github.com/FlowiseAI/Flowise/security/advisories/GHSA-7944-7c6r-55vvghsaWEB
News mentions
0No linked articles in our index yet.