Low severity3.7NVD Advisory· Published May 6, 2026· Updated May 7, 2026
CVE-2026-8028
CVE-2026-8028
Description
A vulnerability was detected in FlowiseAI Flowise up to 3.0.12. This affects the function verify of the file packages/server/src/enterprise/services/account.service.ts of the component Endpoint. Performing a manipulation results in information disclosure. Remote exploitation of the attack is possible. The attack is considered to have high complexity. It is indicated that the exploitability is difficult. The exploit is now public and may be used. Upgrading the affected component is recommended.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
4- gist.github.com/YLChen-007/1d52497b0221835f99367be61612746bnvdExploitThird Party Advisory
- vuldb.com/submit/777659nvdThird Party AdvisoryVDB Entry
- vuldb.com/vuln/361276nvdThird Party AdvisoryVDB Entry
- vuldb.com/vuln/361276/ctinvdPermissions RequiredVDB Entry
News mentions
0No linked articles in our index yet.