A vulnerability described as critical has been identified in Flow up to 9.x . Affected is the function eval of the file flow/admin/moniteur.php . Executing a manipulation of the argument Action can lead to improper authentication. This vulnerability appears as CVE-2025-50881 . The attack may be performed from remote. There is no available exploit. Upgrading the affected component is recommended.