A critical security flaw in FlowiseAI’s password reset mechanism has been uncovered, enabling attackers to commandeer user accounts with virtually no effort.
Tracked as CVE-2025-58434, the vulnerability impacts both cloud-hosted and self-hosted deployments of the popular AI workflow automation platform.
With a CVSS 3.1 score of 9.8, this issue demands immediate attention from all organizations using FlowiseAI.
Critical Flaw in Password Reset Implementation
The root cause of the vulnerability resides in the /api/v1/account/forgot-password endpoint.
Rather than following the secure pattern, in which a temporary reset token is sent only to the account's email address, the API response returns sensitive user information directly to the caller.
| CVE Number | Affected Product | Vulnerability Type | CVSS 3.1 Score |
|---|---|---|---|
| CVE-2025-58434 | FlowiseAI (npm package flowise) | Unauthenticated Password Reset Token Disclosure | 9.8 (Critical) |
Upon submitting a password reset request for any email address, the endpoint delivers the following in its payload: the user ID, name, email address, hashed credentials, and, most alarmingly, a valid tempToken.
This token can be immediately leveraged to reset the target’s password, effectively bypassing any email-based verification step.
The flaw exists in all FlowiseAI versions before 3.0.5, and no official patch has been released to date.
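To make the described failure concrete, the following is an added TypeScript sketch written for this article; it is not Flowise's own code and does not reproduce the project's real handler. It places a forgot-password handler that behaves the way the advisory describes (user record and live tempToken returned in the response) next to a hardened version that sends the token only by mail, stores just a hash of it, returns the same generic message for known and unknown addresses, and consumes the token once. The in-memory user store, the `sentMail` array standing in for an SMTP client, and SHA-256 as a stand-in password hash are all assumptions made for the example.

```typescript
import { createHash, randomBytes, timingSafeEqual } from "node:crypto";

// Minimal in-memory user record (constructed for this example).
interface User { id: string; name: string; email: string; passwordHash: string }

// Shape of the vulnerable response as the advisory describes it: profile data plus the live token.
interface LeakyResponse { id: string; name: string; email: string; credential: string; tempToken: string }

interface ResetRecord { tokenHash: string; expiresAt: number }

const TOKEN_TTL_MS = 15 * 60_000;
const sha256 = (s: string): string => createHash("sha256").update(s).digest("hex");

class AccountService {
  // Side effects are injected so the example runs offline; `sentMail` stands in for a mail relay.
  readonly sentMail: Array<{ to: string; token: string }> = [];
  private readonly resets = new Map<string, ResetRecord>(); // keyed by user id

  constructor(private readonly users: User[], private readonly now: () => number = () => Date.now()) {}

  private findByEmail(email: string): User | undefined {
    return this.users.find(u => u.email.toLowerCase() === email.toLowerCase());
  }

  // ANTI-PATTERN, modelled on the page's description of CVE-2025-58434 (not the real Flowise code):
  // the reset token is minted and handed straight back to whoever asked for it.
  forgotPasswordVulnerable(email: string): LeakyResponse | { error: string } {
    const user = this.findByEmail(email);
    if (!user) return { error: "user not found" }; // also reveals which addresses exist
    const tempToken = randomBytes(32).toString("hex");
    this.resets.set(user.id, { tokenHash: sha256(tempToken), expiresAt: this.now() + TOKEN_TTL_MS });
    return { id: user.id, name: user.name, email: user.email, credential: user.passwordHash, tempToken };
  }

  // Hardened form: identical response for known and unknown addresses, the token leaves the server
  // only via mail, and only its hash is stored so a database read cannot replay it.
  forgotPasswordHardened(email: string): { message: string } {
    const user = this.findByEmail(email);
    if (user) {
      const token = randomBytes(32).toString("hex");
      this.resets.set(user.id, { tokenHash: sha256(token), expiresAt: this.now() + TOKEN_TTL_MS });
      this.sentMail.push({ to: user.email, token });
    }
    return { message: "If that address is registered, a reset link has been sent." };
  }

  // Consumes a token: constant-time hash comparison, expiry check, single use.
  resetPassword(email: string, token: string, newPassword: string): boolean {
    const user = this.findByEmail(email);
    if (!user) return false;
    const rec = this.resets.get(user.id);
    if (!rec || rec.expiresAt < this.now()) return false;
    const stored = Buffer.from(rec.tokenHash, "hex");
    const given = Buffer.from(sha256(token), "hex");
    if (stored.length !== given.length || !timingSafeEqual(stored, given)) return false;
    this.resets.delete(user.id);               // one-shot token
    user.passwordHash = sha256(newPassword);   // stand-in; use bcrypt/argon2 for real password storage
    return true;
  }
}

// Constructed sample data and a driver that exercises both handlers.
function demo() {
  const users: User[] = [{ id: "u1", name: "Alice", email: "alice@example.test", passwordHash: sha256("old") }];
  const svc = new AccountService(users);
  const leaked = svc.forgotPasswordVulnerable("alice@example.test");   // token in the HTTP body
  const hardened = svc.forgotPasswordHardened("alice@example.test");   // token only in svc.sentMail
  return { leaked, hardened, svc };
}
```

The hardened handler deliberately answers unknown addresses with the same message and the same timing-independent shape, since a "user not found" branch doubles as an account-enumeration oracle; rate limiting per source address and per target email is applied at the gateway, outside this function.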
Exploitation is trivial, requiring only the victim's email address, which is often easy to obtain through reconnaissance or public sources.
Attackers execute two HTTP requests: first, a POST to the forgot-password endpoint with the target's email; second, a POST to the reset-password endpoint supplying the exposed token and a new password.
No authentication credentials or user interaction are necessary, so the attack is completely silent.
Victims will remain unaware until login attempts fail or unauthorized actions are detected.
The elevated severity of this vulnerability stems from its minimal attack complexity combined with the potential for full account compromise.
Administrator and high-privilege accounts are equally susceptible, putting entire organizational deployments at risk.
An attacker gaining administrative access can manipulate AI workflows, exfiltrate sensitive data, and even introduce malicious automation tasks.
The consequences range from data breaches and operational disruption to full-scale organizational takeover.
Urgent Mitigation and Monitoring Recommendations
Until FlowiseAI issues a security patch, organizations should adopt the following countermeasures:
- Restrict Access: Temporarily limit access to the password reset API by applying network controls or API gateways that enforce strict authentication requirements.
- Monitor Reset Activity: Implement real-time monitoring of password reset requests, flagging any anomalous spike in requests or instances of reset tokens being issued without corresponding email confirmations.
- Enforce MFA: Apply multi-factor authentication for all user accounts, especially administrators, so that even a successful password reset alone cannot grant full access.
- Audit Logs: Review and retain detailed audit logs of password reset and reset-password API calls to identify potential misuse and assist in incident response.
- Update Promptly: Once FlowiseAI releases version 3.0.5 or later with the fix, prioritize upgrading all environments, both cloud and self-hosted, to eliminate exposure.
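The "Monitor Reset Activity" and "Audit Logs" items above can be turned into concrete detection logic. The TypeScript below is an added example written for this article, not code from Flowise or from the article's author; it runs two rules over constructed access-log and mailer-log events: a burst of forgot-password requests from one source IP inside a sliding window, and a reset-password call for an address that received no reset mail between the request and the reset. The reset-password path, the event field names, and the sample addresses are assumptions made for the example.

```typescript
// Constructed event shapes; in a real deployment these would be parsed from the reverse-proxy /
// application logs and from the outbound mail relay's delivery log.
interface HttpEvent { ts: number; ip: string; path: string; email: string }
interface MailEvent { ts: number; to: string }
interface Finding { rule: string; subject: string; detail: string }

const FORGOT = "/api/v1/account/forgot-password";
const RESET = "/api/v1/account/reset-password"; // assumed path, modelled on the article's wording

// Rule 1: too many forgot-password calls from one source IP within a sliding window.
function burstDetections(events: HttpEvent[], windowMs: number, threshold: number): Finding[] {
  const byIp = new Map<string, number[]>();
  for (const e of events) {
    if (e.path !== FORGOT) continue;
    const list = byIp.get(e.ip) ?? [];
    list.push(e.ts);
    byIp.set(e.ip, list);
  }
  const out: Finding[] = [];
  for (const [ip, times] of byIp) {
    times.sort((a, b) => a - b);
    let start = 0;
    for (let end = 0; end < times.length; end++) {
      while (times[end] - times[start] > windowMs) start++;   // shrink window from the left
      const count = end - start + 1;
      if (count >= threshold) {
        out.push({ rule: "reset-burst", subject: ip, detail: `${count} forgot-password requests within ${windowMs / 1000}s` });
        break;                                                // one finding per IP is enough
      }
    }
  }
  return out;
}

// Rule 2: a reset-password call whose preceding forgot-password request produced no reset mail.
// With the flaw described in the article, the token reaches the attacker in the HTTP body, so
// the mail relay never sees a corresponding delivery before the reset lands.
function unmailedResetDetections(http: HttpEvent[], mail: MailEvent[]): Finding[] {
  const out: Finding[] = [];
  for (const r of http.filter(e => e.path === RESET)) {
    const req = http
      .filter(e => e.path === FORGOT && e.email === r.email && e.ts <= r.ts)
      .sort((a, b) => b.ts - a.ts)[0];                        // most recent request for that address
    if (!req) {
      out.push({ rule: "reset-without-request", subject: r.email, detail: `reset at ${r.ts} with no prior forgot-password` });
      continue;
    }
    const mailed = mail.some(m => m.to === r.email && m.ts >= req.ts && m.ts <= r.ts);
    if (!mailed) {
      out.push({ rule: "reset-without-mail", subject: r.email, detail: `reset ${(r.ts - req.ts) / 1000}s after request, no reset mail delivered` });
    }
  }
  return out;
}

function analyse(http: HttpEvent[], mail: MailEvent[]): Finding[] {
  return [...burstDetections(http, 60_000, 5), ...unmailedResetDetections(http, mail)];
}

// Constructed sample: the two-request pattern the article describes against bob@ (reset 3s after the
// request, no mail), a legitimate reset by alice@ (mail delivered in between), and a request burst.
const T = 1_700_000_000_000;
const sampleHttp: HttpEvent[] = [
  { ts: T,          ip: "203.0.113.9",  path: FORGOT, email: "bob@example.test" },
  { ts: T + 3_000,  ip: "203.0.113.9",  path: RESET,  email: "bob@example.test" },
  { ts: T + 10_000, ip: "198.51.100.4", path: FORGOT, email: "alice@example.test" },
  { ts: T + 90_000, ip: "198.51.100.4", path: RESET,  email: "alice@example.test" },
  ...Array.from({ length: 6 }, (_, i) => ({ ts: T + 120_000 + i * 2_000, ip: "203.0.113.9", path: FORGOT, email: `user${i}@example.test` })),
];
const sampleMail: MailEvent[] = [{ ts: T + 11_000, to: "alice@example.test" }];

function demoFindings(): Finding[] {
  return analyse(sampleHttp, sampleMail);
}
```

On the sample data the burst rule fires once for 203.0.113.9 and the mail-correlation rule fires once for bob@example.test; alice's reset is silent because a delivery to her address sits between her request and her reset. The correlation rule is the one that catches a single targeted takeover, so it belongs in the alerting path even where rate-based rules already exist.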
The discovery of CVE-2025-58434 underscores the importance of rigorous API security and secure coding practices.
Organizations must act swiftly to defend against this high-risk vulnerability before attackers can exploit it at scale.