Product
flowring agentflow
9 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2026-2099
CVE-2026-2098
CVE-2026-2097
CVE-2026-2096
CVE-2026-2095
CVE-2025-3709
CVE-2022-39038
CVE-2022-39037
CVE-2022-39036
< 4.0.0.1878.877
AgentFlow developed by Flowring has a Stored Cross-Site Scripting vulnerability, allowing authenticated remote attackers to inject
< 4.0.0.1878.877
AgentFlow developed by Flowring has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to e
all versions
Agentflow developed by Flowring has an Arbitrary File Upload vulnerability, allowing authenticated remote attackers to upload and
all versions
Agentflow developed by Flowring has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read, mod
all versions
Agentflow developed by Flowring has an Authentication Bypass vulnerability, allowing unauthenticated remote attackers to exploit a
all versions
Agentflow from Flowring Technology has an Account Lockout Bypass vulnerability, allowing unauthenticated remote attackers to explo
all versions
Agentflow BPM enterprise management system has improper authentication. A remote attacker with general user privilege can change t
all versions
Agentflow BPM file download function has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulne
all versions
The file upload function of Agentflow BPM has insufficient filtering for special characters in URLs. An unauthenticated remote att