Primary

Context

Flowring Agentflow Missing Authentication Vulnerability Allowing Unauthenticated Database Access

Vulnerability

Patched

A missing authentication vulnerability has been identified in Flowring's Agentflow, all versions. This vulnerability allows unauthenticated remote attackers to read, modify, and delete database contents by exploiting a specific functionality.

Impact

Exploitation of this vulnerability could lead to unauthorized access and manipulation of database information, including the ability to delete data.

Remediation

Users are advised to implement the authentication measures outlined in the official Flowring forum post regarding this vulnerability. For issues that have already caused operational disruptions, contact Flowring's customer service.

Added: Feb 10, 2026, 7:47 AM

Updated: Feb 10, 2026, 7:47 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

4.7

remediation

8.3

relevance

2.9

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

4.7

remediation

8.3

relevance

2.9

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Flowring Agentflow Missing Authentication Vulnerability Allowing Unauthenticated Database Access

Vulnerability

Impact

Remediation

Affected Products

Flowring Agentflow

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating