CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2026-2099

AgentFlow developed by Flowring has a Stored Cross-Site Scripting vulnerability, allowing authenticated remote attackers to inject persistent JavaScript codes that are executed in users' browsers upon page load.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 10.4%

CVSS Severity

CVSS v3 Score 5.4

References

https://www.twcert.org.tw/en/cp-139-10700-3534d-2.html
https://www.twcert.org.tw/tw/cp-132-10699-49c0b-1.html

Products affected by CVE-2026-2099

Flowring » Agentflow » Version: 4.0.0.1183.552

cpe:2.3:a:flowring:agentflow:4.0.0.1183.552

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-2099

Products

Pricing

Contact Us