Unrated severityNVD Advisory· Published Feb 10, 2026· Updated Feb 10, 2026
Flowring|Agentflow - Authentication Bypass
CVE-2026-2095
Description
Agentflow developed by Flowring has an Authentication Bypass vulnerability, allowing unauthenticated remote attackers to exploit a specific functionality to obtain arbitrary user authentication token and log into the system as any user.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- forum.flowring.com/post/viewmitremitigationvendor-advisory
- www.twcert.org.tw/en/cp-139-10700-3534d-2.htmlmitrethird-party-advisory
- www.twcert.org.tw/tw/cp-132-10699-49c0b-1.htmlmitrethird-party-advisory
News mentions
0No linked articles in our index yet.