A vulnerability marked as critical has been reported in Flowise up to 3.0.x . Affected by this issue is some unknown functionality of the file httpSecurity.ts of the component HTTP Request Handler . This manipulation causes server-side request forgery. This vulnerability is handled as CVE-2026-56275 . The attack can be initiated remotely. There is not any exploit available. It is suggested to upgrade the affected component.