Tim-solutions Tim Flow — known CVE vulnerabilities
Every CVE whose affected-product data names Tim-solutions Tim Flow, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2025-67278 — CVSS 6.5 (medium): An issue in TIM Solution GmbH TIM BPM Suite & TIM FLOW before v.9.1.2 allows a remote attacker to escalate privileges via a crafted HTTP…
CVE-2025-67280 — CVSS 5.4 (medium): In TIM BPM Suite/ TIM FLOW through 9.1.2 multiple Hibernate Query Language injection vulnerabilities exist which allow a low privileged…
CVE-2025-67281 — CVSS 5.4 (medium): In TIM BPM Suite/ TIM FLOW through 9.1.2 multiple SQL injection vulnerabilities exists which allow a low privileged and administrative user…
CVE-2025-67282 — CVSS 5.4 (medium): In TIM BPM Suite/ TIM FLOW through 9.1.2 multiple Authorization Bypass vulnerabilities exists which allow a low privileged user to download…
CVE-2025-67279 — CVSS 5.3 (medium): An issue in TIM Solution GmbH TIM BPM Suite & TIM FLOW before v.9.1.2 allows a remote attacker to escalate privileges via the application…