CVE-2026-8028 | FlowiseAI Flowise up to 3.0.12 Endpoint account.service.ts verify information disclosure

Inserito da Angelo Barbosa | Mag 6, 2026 | CVE

A vulnerability was found in FlowiseAI Flowise up to 3.0.12. It has been classified as problematic. This affects the function verify of the file packages/server/src/enterprise/services/account.service.ts of the component Endpoint. Performing a manipulation results in information disclosure.

This vulnerability is known as CVE-2026-8028. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

Upgrading the affected component is recommended.

CVE-2026-8028 | FlowiseAI Flowise up to 3.0.12 Endpoint account.service.ts verify information disclosure

Post correlati

CVE-2024-26300 | HPE Aruba ClearPass Policy Manager up to 6.9.13/6.10.8/6.11.6/6.12.0 Guest Interface cross site scripting (ARUBA-PSA-2024-001)

CVE-2026-2864 | feng_ha_ha/megagao ssm-erp/production_ssm up to 4288d53bd35757b27f2d070057aefb2c07bdd097 PictureController.java pictureDelete picName path traversal (Issue 38)

CVE-2025-42935 | SAP NetWeaver AS for ABAP and ABAP Platform up to KRNL64UC 7.22 Internet Communication Manager log file

CVE-2024-24572 | WillyXJ facileManager up to 4.5.0 Parameter admin-logs.php extract $_REQUEST sql injection (GHSA-xw34-8pj6-75gc)