CVE-2025-11899 Flowring Technology｜Agentflow - Use of Hard-coded Cryptographic Key

Agentflow developed by Flowring has an Use of Hard-coded Cryptographic Key vulnerability, allowing unauthenticated remote attackers to exploit the fixed key to generate verification information, thereby logging into the system as any user. Attacker must first obtain an user ID in order to exploit...

CVE-2025-11898

Flowring’s Agentflow is affected by CVE-2025-11898, an Arbitrary File Reading vulnerability exposed via Relative Path Traversal. Unauthenticated remote attackers can download arbitrary system files, highlighting a high confidentiality impact and network-based, low-complexity exploitation (no user...

EUVD-2025-13297

Malicious code in bioql PyPI...

CVE-2025-3709

Agentflow from Flowring Technology has an Account Lockout Bypass vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to perform password brute force attack...

CVE-2025-3709

Agentflow from Flowring Technology has an Account Lockout Bypass vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to perform password brute force attack...

CVE-2025-3709

Agentflow from Flowring Technology has an Account Lockout Bypass vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to perform password brute force attack...

CVE-2025-3709 Flowring Technology Agentflow - Account Lockout Bypass

Agentflow from Flowring Technology has an Account Lockout Bypass vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to perform password brute force attack...

CVE-2025-3709 Flowring Technology Agentflow - Account Lockout Bypass

Agentflow from Flowring Technology has an Account Lockout Bypass vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to perform password brute force attack...

Flowring Technology Agentflow BPM 安全漏洞

Flowring Technology Agentflow BPM is an enterprise process management system from Flowring Technology China. A security vulnerability exists in Flowring Technology Agentflow BPM, which stems from an account lockout bypass vulnerability that could lead to password brute force attack by an...

Flowring Technology Agentflow BPM 路径遍历漏洞

Flowring Technology Agentflow BPM is an enterprise process management system from Flowring Technology, a Chinese company. A path traversal vulnerability exists in Flowring Technology Agentflow BPM, which arises from a file download feature that allows an unauthenticated, remote attacker to bypass...

Flowring Technology Agentflow BPM 授权问题漏洞

Flowring Technology Agentflow BPM is an enterprise process management system from Flowring Technology. Flowring Technology Agentflow BPM suffers from an authorization vulnerability that arises from improper authentication of its enterprise management system, which could allow a remote attacker wi...

Flowring Technology Agentflow BPM 代码问题漏洞

Flowring Technology Agentflow BPM is an enterprise process management system from Flowring Technology China. A code issue exists in Flowring Technology Agentflow BPM, which arises from an insufficient filtering of special characters in the url of the file upload function, which could allow an...