A vulnerability was found in Flowise up to 3.0.12 and classified as problematic . The impacted element is an unknown function of the file /api/v1/account/forgot-password . Executing a manipulation can lead to information disclosure. The identification of this vulnerability is CVE-2026-56267 . The attack may be launched remotely. There is no exploit available. It is suggested to upgrade the affected component.