Attackers Exploiting Critical Flowise Vulnerability CVE-2025-59528 for Remote Code Execution

📌 Attackers are actively exploiting a critical vulnerability in Flowise, identified as CVE-2025-59528 with a CVSS score of 10, which allows remote code execution and unauthorized file system access. The flaw arises from improper validation of user-supplied JavaScript, enabling malicious actors to execute arbitrary code on affected systems. No specific timeline, affected versions, or geographic targeting were disclosed in the report. The vulnerability poses a severe risk due to its maximum severity rating and ongoing exploitation in the wild. Technical details confirm the attack vector involves unchecked JavaScript input leading to remote compromise.