2 matches found
CVE-2025-11899 Flowring Technology|Agentflow - Use of Hard-coded Cryptographic Key
Agentflow developed by Flowring has an Use of Hard-coded Cryptographic Key vulnerability, allowing unauthenticated remote attackers to exploit the fixed key to generate verification information, thereby logging into the system as any user. Attacker must first obtain an user ID in order to exploit...
CVE-2025-11899
CVE-2025-11899 affects Flowring’s Agentflow. The vulnerability arises from a hard-coded cryptographic key, enabling unauthenticated remote attackers to generate verification information and log in as any user after obtaining a user ID. Connected sources corroborate the issue across NVD/Red Hat an...