CVE-2026-8026 Overview
CVE-2026-8026 is an information disclosure vulnerability affecting FlowiseAI Flowise versions up to 3.0.12. The flaw resides in the Login function of packages/server/src/enterprise/services/account.service.ts within the API Response Handler component. An attacker can manipulate the API response to extract sensitive information remotely without authentication. The vulnerability is classified under [CWE-200: Exposure of Sensitive Information to an Unauthorized Actor]. Exploitation is rated as high complexity, and a public proof-of-concept has been published. Administrators should upgrade Flowise to a version above 3.0.12.
Critical Impact
Remote attackers can extract sensitive account information through the Flowise enterprise login API without prior authentication.
Affected Products
- FlowiseAI Flowise versions up to and including 3.0.12
- Flowise Enterprise account service component
- Deployments exposing the Flowise API to untrusted networks
Discovery Timeline
- 2026-05-06 - CVE-2026-8026 published to NVD
- 2026-05-06 - Last updated in NVD database
Technical Details for CVE-2026-8026
Vulnerability Analysis
The vulnerability lives in the Login function inside packages/server/src/enterprise/services/account.service.ts. This function handles authentication requests for the Flowise enterprise account service. The API response returned by this handler exposes data that should remain internal to the server. An unauthenticated attacker can send crafted login requests over the network and parse the response to recover sensitive account-related information. The flaw is mapped to [CWE-200], representing improper exposure of information to an unauthorized actor. Exploitation requires no privileges and no user interaction, but the public assessment notes high attack complexity, suggesting the attacker must satisfy specific conditions to reliably retrieve useful data.
Root Cause
The root cause is improper output filtering in the API response handler. The Login function returns response objects that contain fields beyond what the authentication contract requires. Sensitive properties tied to user accounts are serialized into the JSON response rather than being stripped before transmission. Without a strict response schema or data transfer object, internal state leaks to external callers.
Attack Vector
The attack vector is network-based and remote. An attacker sends HTTP requests to the Flowise enterprise login endpoint and inspects the JSON response payload. By manipulating request parameters, the attacker triggers responses that include disclosed account data. No authentication or user interaction is required, but reliable extraction depends on environmental conditions that increase exploitation complexity. A public proof-of-concept script is referenced in GitHub Gist PoC Script and additional analysis is available in VulDB Vulnerability #361273.
Detection Methods for CVE-2026-8026
Indicators of Compromise
- Anomalous volumes of POST requests to the Flowise enterprise login endpoint from a single source IP
- Login API responses containing fields beyond standard authentication tokens or status codes
- Repeated failed login attempts followed by enumeration of valid account identifiers
- User-agent strings matching the published proof-of-concept script
Detection Strategies
- Inspect HTTP response bodies from the Flowise login route for unexpected account metadata fields
- Compare deployed Flowise versions against 3.0.12 using software inventory tools
- Apply web application firewall rules that flag high-frequency login attempts targeting /api/v1 enterprise endpoints
Monitoring Recommendations
- Centralize Flowise application and reverse proxy logs into a SIEM for correlation
- Alert on bursts of HTTP 200 responses to login attempts originating from non-corporate IP ranges
- Track outbound data sizes from the login endpoint and alert on responses larger than baseline
How to Mitigate CVE-2026-8026
Immediate Actions Required
- Upgrade FlowiseAI Flowise to a version later than 3.0.12 as soon as a fixed release is available
- Restrict network exposure of Flowise enterprise endpoints to trusted networks or VPN clients
- Rotate credentials for any accounts that may have been queried through the login endpoint
- Review reverse proxy and application logs for indicators referenced above
Patch Information
The vendor recommends upgrading the affected component. At publication, refer to the VulDB Vulnerability #361273 entry and the FlowiseAI project release notes for the corrected version that sanitizes the Login API response in account.service.ts.
Workarounds
- Place Flowise behind an authenticated reverse proxy that strips unexpected response fields
- Apply WAF rules that block or rewrite responses containing sensitive account properties from the login route
- Disable or firewall enterprise login endpoints if they are not in active use
- Limit login endpoint access by IP allowlist until the upgrade is applied
# Example nginx restriction limiting Flowise login endpoint to trusted CIDRs
location /api/v1/account/login {
allow 10.0.0.0/8;
allow 192.168.0.0/16;
deny all;
proxy_pass http://flowise_backend;
}
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
