Unrated severityNVD Advisory· Published Feb 10, 2026· Updated Feb 10, 2026
Flowring|Agentflow - Arbitrary File Upload
CVE-2026-2097
Description
Agentflow developed by Flowring has an Arbitrary File Upload vulnerability, allowing authenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- www.twcert.org.tw/en/cp-139-10700-3534d-2.htmlmitrethird-party-advisory
- www.twcert.org.tw/tw/cp-132-10699-49c0b-1.htmlmitrethird-party-advisory
News mentions
0No linked articles in our index yet.