Low severity3.7NVD Advisory· Published May 6, 2026· Updated May 7, 2026
CVE-2026-8026
CVE-2026-8026
Description
A security flaw has been discovered in FlowiseAI Flowise up to 3.0.12. Affected is the function Login of the file packages/server/src/enterprise/services/account.service.ts of the component API Response Handler. The manipulation results in information disclosure. The attack can be launched remotely. A high complexity level is associated with this attack. The exploitability is told to be difficult. You should upgrade the affected component.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
flowisenpm | <= 3.0.12 | — |
Affected products
2Patches
Vulnerability mechanics
References
6- gist.github.com/YLChen-007/50a553f09aa1c7c04ce18cec13986a91nvdExploitThird Party AdvisoryWEB
- github.com/advisories/GHSA-8f47-4rh3-x44mghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2026-8026ghsaADVISORY
- vuldb.com/submit/777656nvdThird Party AdvisoryVDB EntryWEB
- vuldb.com/vuln/361273nvdThird Party AdvisoryVDB EntryWEB
- vuldb.com/vuln/361273/ctinvdPermissions RequiredVDB EntryWEB
News mentions
0No linked articles in our index yet.