CVE-2026-8027 Overview
CVE-2026-8027 is an authorization bypass vulnerability in FlowiseAI Flowise versions up to 3.0.12. The flaw resides in the User Controller Handler component and stems from improper authorization enforcement (CWE-285). Attackers can manipulate the userId, organizationId, workspaceId, or email parameters to access resources belonging to other users, organizations, or workspaces. The vulnerability is exploitable remotely over the network and requires only low-privileged authenticated access. A proof-of-concept has been published publicly, increasing the likelihood of opportunistic exploitation against exposed Flowise instances.
Critical Impact
Authenticated low-privilege users can bypass authorization checks to read or interact with data belonging to other tenants, including users, organizations, and workspaces in multi-tenant Flowise deployments.
Affected Products
- FlowiseAI Flowise versions up to and including 3.0.12
- User Controller Handler component
- Multi-tenant Flowise deployments exposing user, organization, or workspace endpoints
Discovery Timeline
- 2026-05-06 - CVE-2026-8027 published to NVD
- 2026-05-06 - Last updated in NVD database
Technical Details for CVE-2026-8027
Vulnerability Analysis
The vulnerability exists in the User Controller Handler of FlowiseAI Flowise, an open-source platform for building large language model (LLM) workflows. Request handlers accept user-controlled identifiers including userId, organizationId, workspaceId, and email without verifying that the authenticated principal owns or is authorized to access the targeted resource. An attacker who holds any valid account can substitute identifiers belonging to other tenants and receive responses scoped to those tenants.
The weakness aligns with CWE-285 (Improper Authorization). The application performs authentication but fails to enforce object-level authorization, a class of flaw commonly described as Broken Object Level Authorization (BOLA) in API security taxonomies. The impact is limited to confidentiality of data returned by the affected endpoints, with no direct integrity or availability consequences observed.
Root Cause
The root cause is missing or insufficient authorization checks on identifier parameters processed by the User Controller. The handler trusts client-supplied userId, organizationId, workspaceId, and email values to scope queries instead of deriving the active scope from the authenticated session. This design gap allows any authenticated caller to enumerate or query resources belonging to arbitrary tenants.
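The pattern described above, as an added illustrative example that is not Flowise's code: a handler that scopes its query by client-supplied identifiers beside one that derives the scope from the session and verifies each identifier against it. The Session and ScopedRequest types, the memberships map and the WORKSPACE_ORG table are assumptions made for this sketch.

```typescript
// Added illustrative example, not Flowise's code: the scope-resolution shape
// behind CVE-2026-8027 beside the object-level check that closes it. The
// Session/ScopedRequest types, memberships and the WORKSPACE_ORG table are assumptions.
type Role = "owner" | "admin" | "member";
interface Session { userId: string; memberships: Record<string, Role> } // organizationId -> role
interface ScopedRequest {
  session: Session;
  query: { userId?: string; organizationId?: string; workspaceId?: string };
}
interface Scope { userId: string; organizationId: string; workspaceId: string }

// Constructed lookup: which organization owns each workspace.
const WORKSPACE_ORG: Record<string, string> = { "ws-a1": "org-acme", "ws-b1": "org-beta" };

// VULNERABLE pattern: the query is scoped by whatever identifiers the client sent,
// so any authenticated caller can name another tenant's user, org or workspace.
function resolveScopeVulnerable(req: ScopedRequest): Scope {
  return {
    userId: req.query.userId ?? req.session.userId,
    organizationId: req.query.organizationId ?? "",
    workspaceId: req.query.workspaceId ?? "",
  };
}

// HARDENED pattern: every client-supplied identifier is verified against the
// authenticated session before it is allowed to scope a query. Returns null
// for a request the caller is not authorized to make (map to HTTP 403/404).
function resolveScopeHardened(req: ScopedRequest): Scope | null {
  const { session, query } = req;
  const organizationId = query.organizationId ?? "";
  const role = session.memberships[organizationId];
  if (!role) return null;                                  // caller is not in that organization
  const workspaceId = query.workspaceId ?? "";
  if (workspaceId && WORKSPACE_ORG[workspaceId] !== organizationId) return null; // workspace not in that org
  const userId = query.userId ?? session.userId;
  // Only org owners/admins may act on other users; a real handler would also
  // confirm that the target user belongs to the same organization.
  if (userId !== session.userId && role === "member") return null;
  return { userId, organizationId, workspaceId };
}
```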
Attack Vector
Exploitation occurs over the network against a reachable Flowise instance. The attacker authenticates with low-privilege credentials, then issues HTTP requests to user controller endpoints while substituting target identifiers in the query string, path, or request body. No user interaction is required. Public proof-of-concept material is available on a GitHub Gist and indexed by VulDB entry 361274, lowering the barrier to weaponization.
No verified code examples are reproduced here. Refer to the linked advisory and proof-of-concept for technical details.
Detection Methods for CVE-2026-8027
Indicators of Compromise
- HTTP requests to Flowise user controller endpoints where the supplied userId, organizationId, workspaceId, or email value does not match the authenticated session principal.
- Sequential or enumerative access patterns iterating through identifier values from a single account.
- Successful 2xx responses to cross-tenant resource lookups in Flowise application logs.
Detection Strategies
- Inspect Flowise application and reverse-proxy logs for parameter tampering on user controller routes, correlating the authenticated user identifier with the requested object identifier.
- Deploy web application firewall (WAF) rules that flag requests in which path or body identifiers diverge from session context.
- Hunt for anomalous volumes of requests to /api/v1/users and the organization or workspace endpoints originating from a single low-privileged session.
Monitoring Recommendations
- Enable verbose access logging on Flowise and forward logs to a centralized analytics platform for correlation.
- Alert on authentication events from the same account followed by access to multiple distinct organizationId or workspaceId values within short windows.
- Track outbound data volumes from Flowise to identify bulk extraction consistent with authorization bypass abuse.
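The session-to-identifier correlation from the detection strategies and the multi-tenant alert from the monitoring recommendations, as an added example that is not from the page or the Flowise project. It assumes a reverse proxy that logs the authenticated principal as user=<id>; the log format, paths and identifiers in the sample are constructed.

```typescript
// Added detection example (not from the page or the Flowise project) for the session/identifier
// correlation and the tenant-enumeration alert described above. Assumption: the reverse proxy
// logs the authenticated principal as user=<id>; the line format and all identifiers are constructed.
interface AccessEvent { ts: number; user: string; status: number; path: string; params: Record<string, string> }
// Constructed format: "<epoch> user=<id> status=<code> <METHOD> <path>[?<query>]"
const LINE_RE = /^(\d+) user=(\S+) status=(\d{3}) \S+ (\/[^?\s]*)(?:\?(\S*))?$/;

function parseLine(line: string): AccessEvent | null {
  const m = LINE_RE.exec(line);
  if (!m) return null;
  const params: Record<string, string> = {};
  for (const kv of (m[5] ?? "").split("&").filter(Boolean)) {
    const [k, v = ""] = kv.split("=");
    params[decodeURIComponent(k)] = decodeURIComponent(v);
  }
  return { ts: Number(m[1]), user: m[2], status: Number(m[3]), path: m[4], params };
}
// Strategy 1: a 2xx response on a user-controller route whose userId is not the caller.
function findIdentityMismatches(events: AccessEvent[]): AccessEvent[] {
  return events.filter(e => e.path.startsWith("/api/v1/users") && e.status >= 200 && e.status < 300
    && e.params.userId !== undefined && e.params.userId !== e.user);
}

// Strategy 2: one account touching >= threshold distinct organization/workspace ids within windowSec.
function findEnumeration(events: AccessEvent[], windowSec: number, threshold: number): string[] {
  const flagged = new Set<string>();
  const sorted = events.slice().sort((a, b) => a.ts - b.ts);
  for (let i = 0; i < sorted.length; i++) {
    const seen = new Set<string>();
    for (const e of sorted.slice(i)) {
      if (e.ts - sorted[i].ts > windowSec) break;
      if (e.user !== sorted[i].user) continue;
      for (const k of ["organizationId", "workspaceId"]) if (e.params[k]) seen.add(k + "=" + e.params[k]);
    }
    if (seen.size >= threshold) flagged.add(sorted[i].user);
  }
  return Array.from(flagged);
}
// Constructed sample: u-1 walks three tenants' profiles; u-7 stays in scope (its one cross-tenant try got 403).
const SAMPLE_LOG = [
  "1778000000 user=u-1 status=200 GET /api/v1/users/profile?userId=u-1&organizationId=org-acme",
  "1778000005 user=u-1 status=200 GET /api/v1/users/profile?userId=u-2&organizationId=org-beta",
  "1778000010 user=u-1 status=200 GET /api/v1/users/profile?userId=u-3&organizationId=org-gamma",
  "1778000020 user=u-7 status=200 GET /api/v1/users/profile?userId=u-7&organizationId=org-acme",
  "1778000025 user=u-7 status=403 GET /api/v1/users/profile?userId=u-1&organizationId=org-acme",
];
function analyzeSample() {
  const events = SAMPLE_LOG.map(parseLine).filter((e): e is AccessEvent => e !== null);
  return { mismatches: findIdentityMismatches(events).length, enumerators: findEnumeration(events, 60, 3) };
}
```

The 403 line is deliberately excluded by the 2xx filter: a denied cross-tenant attempt is worth a separate low-severity signal, but it is not evidence that the bypass succeeded.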
How to Mitigate CVE-2026-8027
Immediate Actions Required
- Upgrade FlowiseAI Flowise to a version later than 3.0.12 that addresses the User Controller authorization checks.
- Restrict network exposure of Flowise instances to trusted networks or place them behind an authenticating reverse proxy.
- Audit existing accounts and revoke credentials that are not strictly required, reducing the population of low-privileged users that could exploit the flaw.
- Review application logs for historical evidence of cross-tenant access patterns described above.
Patch Information
The vendor advisory indicates that the affected component should be upgraded. Consult the VulDB entry and the project release notes for the fixed version and applicable upgrade path. Apply the upgrade across all Flowise instances, including development and staging environments, since the proof-of-concept is publicly available.
Workarounds
- If immediate upgrade is not feasible, place Flowise behind an API gateway that enforces session-to-tenant binding on user controller routes.
- Disable or firewall the affected user, organization, and workspace endpoints until patching is complete.
- Reduce the number of authenticated users on shared Flowise deployments and segregate sensitive workloads onto dedicated instances.
# Configuration example: restrict Flowise exposure with an upstream proxy ACL
# nginx snippet limiting access to an internal CIDR range; it assumes an
# "upstream flowise_upstream { ... }" block is defined elsewhere in the config.
# Only /api/v1/ is restricted here; add the same allow/deny pair to the location
# serving the Flowise UI if it should also be reachable from the internal range only.
location /api/v1/ {
    allow 10.0.0.0/8;
    deny  all;
    proxy_pass http://flowise_upstream;
}
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.