Maerifat Majeed

**Name of the Vulnerable Software and Affected Versions** FlowiseAI Inc Flowise versions 1.6.2 and before FlowiseAI Inc Flowise versions prior to 1.8.1 **Description** An issue in FlowiseAI Inc Flowise allows a remote attacker to execute arbitrary code via a crafted script sent to the `/api/v1` component. The root cause is inadequate input validation. This issue is actively exploited in the wild. **Recommendations** FlowiseAI Inc Flowise versions prior to 1.8.1 should be updated. FlowiseAI Inc Flowise version 1.6.2 and lower should be updated.