cvedb.io
CVE-2026-2097
HIGH · CVSS 8.8
EPSS exploitation probability: 0%
Published 2026-02-10T07:16:14.303 · Last modified 2026-06-17T10:30:18.587

Summary

Agentflow developed by Flowring has an Arbitrary File Upload vulnerability, allowing authenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.

Affected products

flowring — agentflow

Does this affect you?

Add your gear to cvedb and we'll alert you only when flowring ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.