B3NCLOUD ARTICLE INTELLIGENCE

ARTICLEVIEW

Zurück zu News

CVE-2026-56278 - Flowise - Session Hijacking via Weak Default Express Session Secret

CVE ID :CVE-2026-56278 Published : June 30, 2026, 10:08 p.m. | 1 hour, 4 minutes ago Description :Flowise before 3.1.0 (affected versions 3.0.13 and earlier) uses a weak hardcoded default secret ('flowise') for the express-session middleware when the EXPRESS_SESSION_SECRET environment...

Original-Artikel öffnen Zurück zur Übersicht