Unrated severityNVD Advisory· Published Jan 13, 2026· Updated Feb 26, 2026

SQL injection leading to privilege escalation in Progress Flowmon ADS

CVE-2025-13774

Description

A vulnerability exists in Progress Flowmon ADS versions prior to 12.5.4 and 13.0.1 where an SQL injection vulnerability allows authenticated users to execute unintended SQL queries and commands.

Affected products

Progress (organisation)/Flowmonllm-fuzzy
Range: <12.5.4, <13.0.1
Progress Software/Flowmon ADSv5
Range: Flowmon ADS 12 versions prior to 12.5.4

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

community.progress.com/s/article/Flowmon-ADS-CVE-2025-13774mitrevendor-advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000