A vulnerability labeled as problematic has been found in Flowise up to 3.0.5 . This issue affects the function streamStorageFile of the file /api/v1/get-upload-file . Such manipulation of the argument chatId leads to file inclusion. This vulnerability is listed as CVE-2025-71324 . The attack may be performed from remote. There is no available exploit. The affected component should be upgraded.