EUVD-2026-27830

🗓️ 06 May 2026 15:32:42Reported by EUVDType

FlowiseAI 3.0.12 has authorization bypass via User Controller Handler argument manipulation; upgrade.

Reporter	Title	Published	Views	Family All 8
ATTACKERKB	CVE-2026-8027	6 May 202613:45	–	attackerkb
Circl	CVE-2026-8027	6 May 202618:01	–	circl
CNNVD	Flowise 授权问题漏洞	6 May 202600:00	–	cnnvd
CVE	CVE-2026-8027	6 May 202613:45	–	cve
Cvelist	CVE-2026-8027 FlowiseAI Flowise User Controller authorization	6 May 202613:45	–	cvelist
NVD	CVE-2026-8027	6 May 202615:16	–	nvd
Positive Technologies	PT-2026-37640	6 May 202600:00	–	ptsecurity
Vulnrichment	CVE-2026-8027 FlowiseAI Flowise User Controller authorization	6 May 202613:45	–	vulnrichment

[
  {
    "enisaIdVendor": [
      {
        "id": "a154322b-7c24-3575-97de-3f53e257e304",
        "vendor": {
          "name": "FlowiseAI"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "059d8a00-2bea-32b7-9d8b-2b2435b9c1d4",
        "product": {
          "name": "Flowise"
        },
        "product_version": "3.0.11"
      },
      {
        "id": "24ebb173-a5a7-32ae-9204-c98c3527be9b",
        "product": {
          "name": "Flowise"
        },
        "product_version": "3.0.9"
      },
      {
        "id": "3da113db-8d16-3b2b-b65c-c14e5aa3ac28",
        "product": {
          "name": "Flowise"
        },
        "product_version": "3.0.0"
      },
      {
        "id": "5342c9cb-9160-331b-8e6d-dcb60eed32a4",
        "product": {
          "name": "Flowise"
        },
        "product_version": "3.0.1"
      },
      {
        "id": "564bac9c-ff23-3aeb-b281-3a268b243e79",
        "product": {
          "name": "Flowise"
        },
        "product_version": "3.0.5"
      },
      {
        "id": "8433074e-05cf-36e0-8f22-e27aac87c41b",
        "product": {
          "name": "Flowise"
        },
        "product_version": "3.0.10"
      },
      {
        "id": "97820445-4f4c-39d0-b9e7-7ed9720b1987",
        "product": {
          "name": "Flowise"
        },
        "product_version": "3.0.7"
      },
      {
        "id": "bc03d5c6-573f-39fa-a68f-582605c5af5f",
        "product": {
          "name": "Flowise"
        },
        "product_version": "3.0.2"
      },
      {
        "id": "c7581bee-1bee-3c1d-b14c-35e458abfcf4",
        "product": {
          "name": "Flowise"
        },
        "product_version": "3.0.6"
      },
      {
        "id": "c7b30f3a-e25b-34a0-815e-c8ce47561ed4",
        "product": {
          "name": "Flowise"
        },
        "product_version": "3.0.3"
      },
      {
        "id": "cc21320e-84da-3268-a78b-b929876258b4",
        "product": {
          "name": "Flowise"
        },
        "product_version": "3.0.4"
      },
      {
        "id": "f9896a50-715a-37cc-b745-13121875b162",
        "product": {
          "name": "Flowise"
        },
        "product_version": "3.0.8"
      },
      {
        "id": "fecc8a78-af76-33f3-a5d5-63f9a8e04aab",
        "product": {
          "name": "Flowise"
        },
        "product_version": "3.0.12"
      }
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/vuln/361274
vuldb	www.vuldb.com/vuln/361274/cti
vuldb	www.vuldb.com/submit/777657
gist	www.gist.github.com/YLChen-007/3584e6ffa0bba6367328ecf0b46b0e4b
nvd	www.nvd.nist.gov/vuln/detail/CVE-2026-8027

06 May 2026 15:32Current

5.6Medium risk

Vulners AI Score5.6

CVSS 45.3

CVSS 24

CVSS 3.14.3

CVSS 34.3

EPSS0.00026