CVE-2025-11898
Severity CVSS v4.0:
HIGH
Type:
CWE-23
Relative Path Traversal
Publication date:
17/10/2025
Last modified:
17/10/2025
Description
Agentflow developed by Flowring has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files.
Impact
Base Score 4.0
8.70
Severity 4.0
HIGH
Base Score 3.x
7.50
Severity 3.x
HIGH