Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.0.13, the NVIDIA NIM router (/api/v1/nvidia-nim/*) is whitelisted in the global authentication middleware, allowing unauthenticated access to privileged container management and token generation endpoints. This issue has been patched in version 3.0.13.
Published: 2026-03-07
CVSS: 9.8
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Download Exploit for CVE-2026-30824 here:
Use Tor Browser to access .onion site.
https://sonitex.com/exploit-527-cve-2026-28115/
https://sonitex.com/exploit-767-cve-2026-31896/
https://sonitex.com/exploit-487-cve-2025-70222/