CVE-2026-8027 | FlowiseAI Flowise up to 3.0.12 User Controller userId/organizationId/workspaceId/email authorization

A vulnerability has been found in FlowiseAI Flowise up to 3.0.12 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component User Controller Handler. This manipulation of the argument userId/organizationId/workspaceId/email causes authorization bypass.

This vulnerability appears as CVE-2026-8027. The attack may be initiated remotely. There is no available exploit.

The affected component should be upgraded.VulDB Recent EntriesRead More