Cyber Posture

CVE-2026-2095

Critical

Published: 10 February 2026

Published
10 February 2026
Modified
13 February 2026
KEV Added
Patch
CVSS Score 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0053 67.5th percentile
Risk Priority 20 60% EPSS · 20% KEV · 20% CVSS

Description

Agentflow developed by Flowring has an Authentication Bypass vulnerability, allowing unauthenticated remote attackers to exploit a specific functionality to obtain arbitrary user authentication token and log into the system as any user.

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match
prevent

SI-2 requires identification, reporting, and correction of flaws like CVE-2026-2095, directly preventing exploitation of the authentication bypass vulnerability through patching.

IA-2 Identification and Authentication (Organizational Users) good match
prevent

IA-2 mandates unique identification and authentication for organizational users, preventing unauthenticated attackers from bypassing authentication to impersonate any user.

IA-5 Authenticator Management good match
prevent

IA-5 ensures secure management and distribution of authenticators such as tokens, mitigating the acquisition of arbitrary authentication tokens by unauthenticated remote attackers.

Security SummaryAI

CVE-2026-2095 is an Authentication Bypass vulnerability in Agentflow, a product developed by Flowring. The flaw, associated with CWE-288, enables unauthenticated remote attackers to exploit a specific functionality within the software to obtain arbitrary user authentication tokens. This allows attackers to log into the system impersonating any user. The vulnerability received a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating critical severity due to its network accessibility, low complexity, and lack of prerequisites.

Unauthenticated attackers can exploit this vulnerability remotely over the network without user interaction or privileges. Successful exploitation grants full access to the system as any targeted user, potentially leading to complete compromise including high confidentiality, integrity, and availability impacts as reflected in the CVSS metrics.

Mitigation details are available in advisories published by Flowring and TWCERT, accessible at https://forum.flowring.com/post/view?bid=72&id=45611&tpg=1&ppg=1&sty=1#45939, https://www.twcert.org.tw/en/cp-139-10700-3534d-2.html, and https://www.twcert.org.tw/tw/cp-132-10699-49c0b-1.html. The vulnerability was published on 2026-02-10.

Details

CWE(s)
CWE-288

Affected Products

flowring
agentflow
all versions

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
attack.mitre.org →
T1212 Exploitation for Credential Access Credential Access
Adversaries may exploit software vulnerabilities in an attempt to collect credentials.
attack.mitre.org →
T1528 Steal Application Access Token Credential Access
Adversaries can steal application access tokens as a means of acquiring credentials to access remote systems and resources.
attack.mitre.org →
Why these techniques?

The vulnerability is an unauthenticated remote authentication bypass in a network-accessible application (T1190), directly exploited to obtain arbitrary user authentication tokens (T1528, T1212).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

References