Browse all 10 CVE security advisories affecting FLOWRING. AI-powered Chinese analysis, POCs, and references for each vulnerability.
FLOWRING is a network monitoring and management solution primarily used for real-time traffic analysis and infrastructure oversight. Historically, it has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, accounting for its 10 recorded CVEs. The platform's web interface and API components have been particularly vulnerable to unauthenticated attacks, allowing potential system compromise. While no major public security incidents have been widely documented, the consistent pattern of vulnerabilities in its web components suggests ongoing security challenges that require diligent patch management and access control implementation.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-2099 | Flowring|AgentFlow - Stored Cross-Site Scripting — AgentFlowCWE-79 | 5.4 | Medium | 2026-02-10 |
| CVE-2026-2098 | Flowring|AgentFlow - Reflected Cross-site Scripting — AgentFlowCWE-79 | 6.1 | Medium | 2026-02-10 |
| CVE-2026-2097 | Flowring|Agentflow - Arbitrary File Upload — AgentflowCWE-434 | 8.8 | High | 2026-02-10 |
| CVE-2026-2096 | Flowring|Agentflow - Missing Authenticaton — AgentflowCWE-288 | 9.8 | Critical | 2026-02-10 |
| CVE-2026-2095 | Flowring|Agentflow - Authentication Bypass — AgentflowCWE-288 | 9.8 | Critical | 2026-02-10 |
This page lists every published CVE security advisory associated with FLOWRING. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.