Version 12.5

Introduction

Progress® Flowmon® 12.5 introduces an updated Operating System (OS) kernel and comprehensive security enhancements across the Flowmon platform.

Let us know your feedback

Customers helped to choose and validate some of the features that went into this release, and we want to hear from you to continue to improve Flowmon. You can request to join and participate in pre-release activities on the Flowmon Customer Validation Program (CVP), and vote for and submit your product ideas on our ideas portal. Thank you for helping to make Flowmon better!

Release history

• 12.5.8: Released 2026-04-02
• 12.5.7: Released 2025-12-02
• 12.5.6: Released 2025-10-29
• 12.5.5: Released 2025-10-09
• 12.5.4: Released 2025-08-20
• 12.5.3: Released 2025-04-07
• 12.5.2: Released 2024-12-04
• 12.5.1: Released 2024-10-15
• 12.5.0: Released 2024-10-02

What’s new in Flowmon 12.5

New Operating System kernel version

The OS kernel was updated to version 6.6.117-1, introducing compatibility with the 16th generation of the Dell hardware platform.

Zabbix Agent generation 2

Starting with Flowmon 12.5.2, the Flowmon device is delivered with a pre-installed generation 2 Zabbix Agent. This provides easy remote monitoring using a centralized monitoring system. Flowmon also contains a generation 1 Zabbix Agent, which will be removed in the future. We recommend that you migrate to the generation 2 Zabbix Agent.

To migrate from a generation 1 to generation 2 Zabbix Agent, follow these steps:

1. Configure the generation 2 Zabbix Agent in /etc/zabbix/zabbix_agent2.conf
2. Stop the original Zabbix Agent service: sudo systemctl stop zabbix-agent.service
3. Disable automatic starting after reboot: sudo systemctl disable zabbix-agent.service
4. Start the new Zabbix Agent service: sudo systemctl start zabbix-agent2.service
5. Enable automatic starting after reboot: sudo systemctl enable zabbix-agent2.service

Other changes - Flowmon 12.5.8

• CVE-2026-2737 was fixed: A vulnerability that allowed authenticated administrators to inadvertently trigger unintended actions within the Flowmon web application after clicking a malicious link provided by an attacker.
• CVE-2026-3692 was fixed: A vulnerability that allowed an authenticated low-privileged user to craft a request during the report generation process, resulting in unintended commands being executed on the server.
• Fixed a vulnerability in the PDF generation process that could allow an authenticated adversary with access to the GUI to cause the server to initiate unintended requests.
• The OS kernel was updated to version 6.6.129, fixing CVE-2025-40248, CVE-2025-40258, and CVE-2025-40264.
• The jws package was updated to version 4.0.1, fixing CVE-2025-65945.
• The httpd package was updated to version 2.4.6-99.el7.7, fixing CVE-2025-58098.
• The gnupg2 package was updated to version 2.0.22-5.el7_9.1, fixing CVE-2025-68973, CVE-2026-24881, and CVE-2026-24882.
• The libsoup package was updated to version 2.62.2-11.el7, fixing CVE-2026-0719 and CVE-2026-1761.
• The react-router package was updated to version 6.30.3, fixing CVE-2026-22029 and CVE-2025-68470.
• The java-1.8.0-openjdk package was updated to version 1.8.0.482.b08-1.el7, fixing CVE-2026-21945.
• The glib2 package was updated to version 2.56.1-11.el7_9, fixing CVE-2025-13601.
• The lodash package was updated to version 4.17.21, fixing CVE-2025-13465.
• The axios package was updated to version 1.13.5, fixing CVE-2026-25639.
• The PostgreSQL package was updated to version 15.17, fixing CVE-2026-2004, CVE-2026-2005, and CVE-2026-2006.
• The python package was updated to version 2.7.5-94.el7_9.3, fixing CVE-2025-12084.
• The python3 package was updated to version 3.6.8-21.el7_9.3, fixing CVE-2025-12084.
• The minimatch package was updated to version 10.2.4, fixing CVE-2026-26996.
• The openssl package was updated to version 3.6.1, fixing CVE-2025-68160, CVE-2025-69418, and CVE-2025-15467.
• The ca-certificates package was updated to version 2025.2.80_v9.0.304-71.el7.
• The Zabbix Agent 2 package was updated to version 6.0.45-release1.el7.
• The grub2 package was updated to version 2.02-0.87.el7_9.16, fixing CVE-2025-61662 and CVE-2025-0624.
• The libpng package was updated to version 1.5.13-8.el7.2, fixing CVE-2026-25646 and CVE-2025-64720.
• The mariadb package was updated to version 5.5.68-1.el7.1, fixing CVE-2025-13699.
• The net-snmp package was updated to version 5.7.2-49.el7_9.5, fixing CVE-2025-68615.
• The perl package was updated to version 5.16.3-299.el7_9.1, fixing CVE-2023-31484.
• The python2-pyasn1 package was updated to version 0.1.9-7.el7.2.
• The tzdata package was updated to version 2026a-1.el7_9.
• The tzdata-java package was updated to version 2026a-1.el7_9.
• The picomatch package was updated to version 2.3.2, fixing CVE-2026-33671 and CVE-2026-33672.
• The brace-expansion package was updated to version 5.0.5, fixing CVE-2026-33750.

Other changes - Flowmon 12.5.7

• The OS kernel was updated to version 6.6.117-1, which fixes CVE-2025-40186, CVE-2025-40176, CVE-2025-40157, CVE-2025-40141, CVE-2025-40140, CVE-2025-40104, CVE-2025-40080, CVE-2025-40071, CVE-2025-40061, CVE-2025-40029, CVE-2025-40018, and CVE-2025-40020.
• The js-yaml library was updated to version 3.14.2, which fixes CVE-2025-64718.
• The libtiff package was updated to version 4.0.3-35.el7.1, which fixes CVE-2025-9900.
• The libsoup package was updated to version 2.62.2-9.el7, which fixes CVE-2025-11021.
• The bind package was updated to version 9.11.4-26.P2.el7_9.19, which fixes CVE-2025-40778, CVE-2025-40780, and CVE-2025-8677.

Other changes - Flowmon 12.5.6

• CVE-2025-11906 was fixed: Fixed a vulnerability where incorrect file permissions in system configuration files could allow users with SSH access to the default 'flowmon' account to escalate privileges to root during service initialization.

Other changes - Flowmon 12.5.5

• CVE-2025-10239 was fixed: A vulnerability that allows a user with administrator privileges to execute additional, unintended commands within scripts intended for troubleshooting purposes.
• CVE-2025-10240 was fixed: A vulnerability in the Progress Flowmon web application, whereby a user who clicks a malicious link provided by an attacker may inadvertently trigger unintended actions within their authenticated session.
• The OS kernel was updated to version 6.6.108, fixing CVE-2025-38604, CVE-2025-38553, CVE-2025-38568, and CVE-2025-38584.
• The pam module was updated to version 1.1.8-23.el7.2, fixing CVE-2025-6020 and CVE-2025-8941.
• The Axios package was updated to version 1.12.2, fixing CVE-2025-58754.
• The cups package was updated to version 1.6.3-52.el7_9.1, fixing CVE-2025-58060.
• The gdk-pixbuf2 package was updated to version 2.36.12-4.el7, fixing CVE-2025-7345.
• The httpd package was updated to version 2.4.6-99.el7.6, fixing CVE-2024-47252 and CVE-2025-49812.
• The libarchive package was updated to version 3.1.2-14.el7_9.1, fixing CVE-2024-47252 and CVE-2025-5914.
• The python3 package was updated to version 3.6.8-21.el7_9.2, fixing CVE-2025-8194.
• The udisks2 package was updated to version 2.8.4-1.el7.2, fixing CVE-2025-8067.
• The tar-fs package was updated to version 3.1.1, fixing CVE-2025-59343.

Other changes - Flowmon 12.5.4

• If the data disk size is extended on a virtual appliance, the new size is detected during appliance boot and the data partition is resized to use the available space.
• The OS kernel was updated to version 6.6.101, fixing CVE-2025-22056, CVE-2025-37749, CVE-2025-37943, CVE-2025-37985, CVE-2025-37913, CVE-2025-37914, CVE-2025-37915, CVE-2025-37933, CVE-2025-38010, CVE-2025-38037, CVE-2025-38061, CVE-2025-38110, CVE-2025-38124, CVE-2025-38159, CVE-2025-38087, CVE-2025-38089, CVE-2025-38236, CVE-2025-38350, CVE-2025-38471, CVE-2025-38477, and CVE-2025-38500.
• The libblockdev package was updated to version 2.18-5.el7.2, fixing CVE-2025-6019.
• The pam module was updated to version 1.1.8-23.el7.1, fixing CVE-2025-6020.
• PHP was updated to version 8.3.24, fixing CVE-2024-11235, CVE-2025-1220, CVE-2025-1735, and CVE-2025-6491.
• The OpenJDK package was updated to version 1.8.0.462.b08-1.el7, fixing CVE-2025-21587, CVE-2025-30691, and CVE-2025-30698.
• The zlib package was updated to version 1.2.7-21.el7_9.1, fixing CVE-2025-4638.
• The libsoup library was updated to version 2.62.2-7.el7, fixing CVE-2025-4948.
• The glibc package was updated to version 2.17-326.el7_9.5, fixing CVE-2025-4802.
• The sudo package was updated to version 1.8.23-10.el7_9.4, fixing CVE-2025-32462, and CVE-2025-32463.
• The sqlite package was updated to version 3.7.17-9.el7_9.1, fixing CVE-2025-6965.
• The microcode_ctl package was updated to version 2.1-73.24.el7_9, fixing CVE-2024-28956.
• The mpfr package was updated to version 3.1.1-4.el7.3, fixing CVE-2014-9474.
• The python-setuptools package was updated to version 0.9.8-7.el7.2, fixing CVE-2025-47273.
• The python3-setuptools package was updated to version 39.2.0-10.el7.2, fixing CVE-2025-47273.
• The libxml2 package was updated to version 2.9.1-6.el7_9.13, fixing CVE-2025-32415, CVE-2025-7424, and CVE-2025-7425.
• The libxslt package was updated to version 1.1.28-8.el7_9, fixing CVE-2024-55549 and CVE-2025-24855.
• The PostgreSQL package was updated to version 15.14, fixing CVE-2025-8714 and CVE-2025-8715.

Other changes - Flowmon 12.5.3

• The OS kernel was updated to version 6.6.84, fixing CVE-2024-50302, CVE-2024-53104, CVE-2024-50276, CVE-2024-53122, CVE-2024-53166, CVE-2024-56605, CVE-2024-56636, CVE-2024-56640, CVE-2024-56642, CVE-2024-48873, CVE-2024-57876, CVE-2023-52926, CVE-2025-21653, CVE-2025-21655, CVE-2025-21689, CVE-2025-21700, CVE-2024-57979, CVE-2024-58069, CVE-2024-58072, CVE-2025-21703, and CVE-2025-21760.
• The underscore library was updated to version 1.13.7, fixing CVE-2021-23358.
• The Axios package was updated to version 1.8.3, fixing CVE-2024-39338, CVE-2024-57965 and CVE-2025-27152.
• The zlog library was updated to version 1.2.18, fixing CVE-2024-22857.
• The libxml2 library was updated to version 2.9.1-6.el7_9.9, fixing CVE-2022-49043, CVE-2024-56171, and CVE-2025-24928.
• The bind package was updated to version 9.11.4-26.P2.el7_9.18, fixing CVE-2024-11187.
• The microcode_ctl package was updated to version 2.1-73.23.el7_9, fixing CVE-2023-43758, CVE-2023-34440, CVE-2024-24582, CVE-2024-29214, and CVE-2024-28127.
• PostgreSQL package was updated to version 15.12-1, fixing CVE-2025-1094.
• The cookie package was updated to version 0.7.1, fixing CVE-2024-47764.
• The audit package was updated to version 2.8.5-4.el7.1.
• The tzdata package was updated to version 2025b-1.el7_9.
• The gcc package was updated to version 4.8.5-45.el7, fixing CVE-2020-11023.
• The Kerberos package was updated to version 1.15.1-55.el7_9.4, fixing CVE-2025-24528.
• The Emacs package was updated to version 24.3-23.el7_9.2, fixing CVE-2025-1244.
• The python3 package was updated to version 3.6.8-21.el7_9.1, fixing CVE-2024-6232.
• The libsoup package was updated to version 2.62.2-4.el7, fixing CVE-2024-52531.
• The python-jinja2 package was updated to version 2.7.2-5.el7, fixing CVE-2024-56326.
• The prismjs library was updated to version 1.30.0, fixing CVE-2024-53382.
• The babel library was updated to version 8.0.0-alpha.17, fixing CVE-2025-27789.
• The FreeType package was updated to version 2.8-15.el7_9.1, fixing CVE-2025-27363.
• The grub2 package was updated to version 2.02-0.87.el7_9.15, fixing CVE-2025-0624.

Other changes - Flowmon 12.5.2

• The tuned package was updated to version tuned-2.11.0-13.el7_9, fixing CVE-2024-52337.
• PostgreSQL was updated to version 15.9-1, fixing CVE-2024-10979, CVE-2024-10976, CVE-2024-10977, and CVE-2024-10978.
• The libsoup package was updated to version 2.62.2-3.el7, fixing CVE-2024-52530.
• The microcode package was updated to version 2.1-73.21.el7_9, fixing CVE-2023-45733 and CVE-2023-46103.
• The Kerberos package was updated to version 1.15.1-55.el7_9.3, fixing CVE-2024-3596.
• The OpenJDK package was updated to version 1.8.0.432.b06-1.el7_9, fixing CVE-2024-21208, CVE-2024-21210, CVE-2024-21217, and CVE-2024-21235.
• The Node.js package was updated to version 20.15.1, fixing CVE-2024-22020, CVE-2024-36137, CVE-2024-22018, and CVE-2024-37372.

Other changes - Flowmon 12.5.0

• The httpd package was updated to version 2.4.6-99.el7.3, fixing CVE-2024-38476.
• The linux-firmware package was updated to version linux-firmware-20200421-84.git78c0348, fixing CVE-2023-31315.
• The python-setuptools package was updated to version python-setuptools-0.9.8-7.el7.1, fixing CVE-2024-6345.
• The python3-setuptools package was updated to version python3-setuptools-39.2.0-10.el7.1, fixing CVE-2024-6345.

Important Information

Changes to Supported Protocols and Authentication Methods for External Data Storage

The NT LAN Manager v1 (NTLMv1) and CIFS (Samba) v1.0 protocols are deprecated and removed because they do not provide the required level of security and may pose a risk. You must switch to more secure versions (NTLMv2 and Samba 2.0 or higher) before proceeding with the upgrade to Flowmon version 12.5. You can make this change in Configuration Center > System > System Settings > External Data Storage.

Fixed issues

Issues fixed in Flowmon 12.5.8

Ticket Number	Issue Topic	Issue Details	Resolution Details
01841094	Probe	Enabling Optional L2 values for NetFlow record could cause an error during flow export.	The issue was fixed.
01831205	Configuration Center	SNMPv3 probing could fail when polling multiple probes, causing communication errors and failed live checks.	SNMPv3 data collection now uses isolated sessions, merges values by OID index, and handles failed follow-up calls more safely.
01833626	Monitoring Center	PDF export for the Analysis Show in Time view showed misaligned checkboxes and could render too wide on high-resolution displays.	PDF styles were corrected and the output width was limited for consistent rendering.
01818464	Configuration Center	Source profile interface channels could be deleted unexpectedly in some SNMP scenarios.	The related SNMP processing fix was applied to prevent unintended channel deletion from source profiles.
01766021	Monitoring Center	Downloading .txt results for some 30s profiles could show a false truncation warning even when enough disk space was available.	Export handling for no-data responses was corrected and false truncation warnings were removed.
01741540	Configuration Center	Interfaces discovered through SNMP could be assigned incorrect ifIndex values when related OID tables had different item counts.	SNMP interface mapping now correlates values by OID index to keep ifIndex assignments correct.
01801949	Monitoring Center	In high-load environments, channel data flushing could take too long and cause dropped flows during flow processing.	Channel statistics processing was improved to keep flow processing stable and prevent dropped flows during long channel data saves.

Issues fixed in Flowmon 12.5.7

Ticket Number	Issue Topic	Issue Details	Resolution Details
01812029, 01813101	Probe	Monitoring ports may fail to start on hardware appliances.	The unexpected uninstallation of Mellanox NIC drivers during the update no longer occurs.
01798319, 01806036	User Interface	The first login of the day to the Flowmon user interface was taking a couple of minutes on Collectors with a high number of flow sources or profiles if a specific nightly routine failed.	An additional condition that caused slow login was identified and fixed.

Issues fixed in Flowmon 12.5.6

Ticket Number	Issue Topic	Issue Details	Resolution Details
01799641	Update/Installation	Flowmon Collector 12.5.4 virtual appliance fails to update to version 12.5.5.	Updating the Flowmon Collector 12.5.4 virtual appliance to version 12.5.6 is possible.
01795147	Configuration Center	When hostname retrieval is configured through DHCP, the GUI incorrectly displays the default hostname value instead of the actual hostname obtained through DHCP.	The GUI shows the actual hostname.
01798319	User Interface	Login to the Flowmon user interface can take a couple of minutes on a Collector with a high number of Flow sources.	The issue has been fixed.

Issues fixed in Flowmon 12.5.5

Ticket Number	Issue Topic	Issue Details	Resolution Details
01786837, 01789451	Distributed Architecture	The distributed update occasionally fails and removes the update package on the Master Unit before updating the remote units.	The install package remains available until all remote units successfully complete installation.
01593849	Distributed Architecture	A changed source interface name is not updated on the Slave Units, causing a configuration mismatch.	The source interface name change is properly propagated to the Slave Units.
01766021	User Guide	The automatic resizing of the data partition after the reboot is available from version 12.5.4, but this information is missing in the User Guide.	The User Guide section, that describes the automatic resizing of data partition, was extended with information about Flowmon 12.5.4 and later versions.

Issues fixed in Flowmon 12.5.4

Ticket Number	Issue Topic	Issue Details	Resolution Details
01602088	Support Logs	The zabbix-agent and the rabbitmq-server components logs can use lot of disk space.	Log rotation fixed for the zabbix-agent and the rabbitmq-server components and logs are now included in the Flowmon support logs collection.
01718213	Monitoring Center	The Analysis page may load slowly on appliances with a high number of profiles.	Simultaneous writing to session logs no longer causes performance degradation on the Analysis page.
01740510	Monitoring Center	The graph for "Active devices in time" is not processed when there is a large number of records or when the selected interval is longer than one week.	The issue was fixed.
01739580	Update/Installation	It is not possible to boot into rescue mode on most hardware appliances.	Compatibility with newer PERC controllers (H355, H750, and H755) was restored by updating the ramdisk.
01743191	Monitoring Center	A top statistics query with aggregation based on the SMB file path may display an empty SMB path in the user interface if the path contains certain characters.	The issue was fixed.
01759422	Configuration Center	System partition usage increases after configuration import.	Temporary files are now deleted after configuration import.
01766833	Configuration Center	If the configuration XML contains characters not supported in XML 1.0, parsing fails and the XML cannot be exported.	The configuration XML is now sanitized before parsing.
01682014	Update/Installation	The PostgreSQL database migration failed during the Flowmon update because of the database size.	The migration was fixed by increasing the "max_locks_per_transaction" parameter.
01717146	Update/Installation	The update process for the Flowmon virtual appliance may fail because of insufficient space on the root partition.	The update process now requires 10% of free disk space on the root partition, but at least 900 MB.
01729479, 01751173, 01751611, 01753493	Docker	Docker uses the default subnet 172.17.0.1/16, which can cause connection conflicts or prevent PDF generation if the Docker engine cannot start.	Docker now uses the TEST-NET2 subnet (RFC 5737) to avoid conflicts with other networks.

Issues fixed in Flowmon 12.5.3

Ticket Number	Issue Topic	Issue Details	Resolution Details
01574669	Update/Installation	Flowmon installation is occasionally failing because of the PostgreSQL service is stopped.	The PostgreSQL service is not incorrectly stopped during the Flowmon update.
200020	User Guide	The Flowmon User Guide is missing information about the requirement for dedicated listening port for the AWS, Azure, or GCP flow logs collection.	The Flowmon User Guide was updated with requirements for dedicated listening ports for cloud flow logs.
01585445	User Guide	The Flowmon User Guide is missing information about proxy server usage and limitation.	More details about proxy server usage were added to the Flowmon User Guide.
01585445	User Guide	The Flowmon User Guide does not specify which configuration files are included in backups for the Disaster Recovery.	The Flowmon User Guide now contains information about configuration files exported as part of the backup process.
01593849	Distributed Architecture	It is not possible to update the list of profiled interfaces in the Distributed Architecture (DA) on the Slave Unit if there are no interfaces initially.	Profiled interface configuration is properly updated on the Slave Unit.
01682666	Distributed Architecture	Configuration mismatch is reported after deleting and re-adding the listening port.	Deleting and re-adding the listening port does not cause a configuration mismatch.
01583253	User Guide	It is not clear which flow values are affected by the sampling rate.	The Flowmon User Guide was updated with information about flow values affected by the sampling rate.
01682666	Distributed Architecture	Adding a new DA unit with a newer Flowmon version than on the Master Unit is not supported, but it was not checked.	The Flowmon version on the new unit is checked before adding it to to DA.
01683342, 01689484	Monitoring Center	The Analysis page sometimes fails loading graph data.	Graph loading is not failing for more parallel requests at the same time.
01682225, 01713886	Distributed Architecture	The nfdump query returns an incorrect flow start date if there is no data on some Slave Units.	The nfdump query returns the correct flow start date.
01694068, 01699994, 01713783	Probe	The Flowmon Probe is periodically attempting to re-send the IPFIX templates, causing a low flow traffic throughput.	Fixed a bug in the QUIC plugin that was causing the issue.
01674422	Configuration Center	Downloading of Autonomous System lists in the FMC Configuration does not work for hardware collectors with the Flowmon Packet Investigator installed.	Downloading of Autonomous System list was fixed.
01690352	Configuration Center	Uploading of a new license with acceleration causes acceleration to be temporarily disabled and unneccessary configuration changes.	If a new license with acceleration is applied over an old license with acceleration, acceleration is not disabled.
01682225	Probe	The Flowmon Probe is occasionally unable to merge fragmented Flow Records to the originals.	Fragmented flow merging was fixed.
01713886, 01682225	Distributed Architecture	Distributed Architecture reports a configuration mismatch caused by sections irrelevat for DA.	Configuration sections irrelevant for DA are excluded from the hash computation.

Issues fixed in Flowmon 12.5.2

Ticket Number	Issue Topic	Issue Details	Resolution Details
-	SSH Connection	It is not possible to connect to Flowmon with a static IP address using SSH from the default gateway.	The Flowmon SSH server is configured with UseDNS no to avoid connection issues caused by wrong DNS resolution.
212283, 01564476	Distributed Architecture	Configuration mismatch is reported if a Flowmon Probe license is not present.	Configuration mismatch is not reported if a Flowmon Probe license is not present.
212220	Update/Installation	Some OS kernel parameter changes were not applied during a repeated Flowmon update (after the previous update failed because of a full disk).	OS kernel parameter changes are properly applied during update.
212283, 01564476	Distributed Architecture	The custom widget layout setting was not propagated to other DA units, causing a DA configuration mismatch.	Widget layout settings are distributed properly to other DA units.
212283, 01564476	Distributed Architecture	There can be missing chart data on the Master Unit (caused by incomplete configuration file reading) if there is a big amount of profiles.	Configuration file reading was fixed.
212283, 01564476, 01570452	Distributed Architecture	If Flowmon version 11.1.5 and older was present on the appliance in the past and no custom CA certificates were used, DA reports a configuration mismatch in the CA certificates section after the update to 12.4.3 and newer.	DA does not report a CA certificates configuration mismatch after the update.
-	Configuration Center	A newly-attached disk may be unavailable for data migration in the Configuration Center on a virtual appliance.	A newly-attached disk is detected properly.
210490	Collector	An "illegal attempt to update" error message (with no impact on functionality) was reported during "Show in Time" profiles computation.	This error message was supressed.
210846, 211330	Monitoring Center	A syntax error is reported for an <interface>:<port> filter if the interface name contains the colon (:) character.	The filter syntax error was fixed.
210561, 212220	Update/Installation	Old PostgreSQL logs caused a lack of disk space, leading to update and availability issues.	Old PostgreSQL logs are periodically deleted.
207557	REST API	There is an incorrect order of values in the repsonse for the GET /rest/fmc/chapter-data/{id} REST API call.	The response was fixed and the REST API documentation was updated.
206497	Configuration Center	A configuration XML containing a listening port with a non-alphanumeric character cannot be imported.	The configuration XML import was fixed.
206497	Configuration Center	ADS user preferences were not imported from a configuration XML for users that were not imported yet.	The configuration XML import for users and user preferences was fixed.
207063	Distributed Architecture	The Master Unit reports a "missing data" warning during a Slave or Proxy Unit update.	The Master Unit only warns about an unavailable unit during a Slave or Proxy Unit update.
211618	REST API	The REST API endpoint /rest/fcc/license incorrectly redirects to the login page.	The REST API endpoint /rest/fcc/license was fixed.
204963	User Guide	The User Guide was missing information about generating key/certificates for encrypted flow export.	The User Guide now describes how to generate a key/certificates.
01569436	Update/Installation	The uninstallation process of Flowmon Packet Investigator (FPI) incorrectly removed other dependencies, causing various appliance failures.	The uninstallation FPI process was fixed.
01569389	Monitoring Center	Multiple analysis query execution caused degradation of GUI performance.	The process of cleanup after query execution has been fixed so it is no longer causing the issue.
01564606	Monitoring Center	User-planned periodic report chapter recomputation may have had an unexpected negative impact on overall appliance performance.	The report chapter recomputation process was fixed.
01564419	Alerts	The end of the Daylight Saving Time (DST) period negatively affects alert condition evaluation and alert charts computation.	Alerting functionality is not affected by DST end.
01565904	Monitoring Center	A subtenant user with only particular flow sources available could not run a "Show in Time" query on the All Sources profile with "Use all channels in the profile" selected.	"Show in Time" query execution was fixed for subtenant users.

Issues fixed in Flowmon 12.5.1

Ticket Number	Issue Topic	Issue Details	Resolution Details
209965	Distributed Architecture	XML configuration mismatch is reported if a flow source that is assigned to a tenant role is deleted.	There is no XML configuration mismatch reported after the flow source deletion.
207225	Distributed Architecture	There is incomplete data in reports in some conditions.	Slave Units send proper report chapter data to the Master Unit.
-	Configuration Center	Database shutdown is reported after the HTTPS certificate change.	PostgreSQL is not restarted after the certificate change.

Release information and installation

Flowmon

Version: 12.5.8

Date: April 2, 2026

This package contains an update for Flowmon appliances.

Copyright Notice

Copyright © 2007 - 2026 Progress Software Corporation and/or its subsidiaries or affiliates. All Rights Reserved.

Support Information

If you need help, contact our Support team at the Flowmon Support and Learning Hub.

Compatibility

Version 12.5.8 and higher is compatible with the following modules:

• Flowmon ADS: v12.4.0
• Flowmon APM: v6.1.0
• Flowmon APM Probe: v6.1.0
• Flowmon APM TG: v2.10.0
• Flowmon DDoS Defender: v5.6.2
• Flowmon Packet Investigator: v12.3.0
• Flowmon Packet Investigator Probe: v12.3.0
• Data Retention: v5.3.0
• IDS Probe: v3.5.0

If an incompatible version of any module is installed on a Flowmon appliance, it will be stopped and disabled during the update to Flowmon version 12.5.x. When a compatible version of the module is installed, the module will be automatically enabled and started again.

Installation requirements

Some installation requirements to be aware of are as follows:

• The Flowmon appliance must be updated to version 12.4.2 or newer before you can apply this update.
• Before you start updating the Flowmon appliance to version 12.5.x, ensure the installed modules meet the following version requirements:
  • Flowmon ADS: v12.4.0
  • Flowmon APM: v6.1.0
  • Flowmon APM Probe: v6.1.0
  • Flowmon APM TG: v2.10.0
  • Flowmon DDoS Defender: v5.6.2
  • Flowmon Packet Investigator: v12.3.0
  • Flowmon Packet Investigator Probe: v12.3.0
  • Data Retention: v5.3.0
  • IDS Probe: v3.5.0
• If any version is older than the ones specified above, the update will not complete successfully.

Installation

For the automatic package download from services.flowmon.com:

1. Log in to the Configuration Center on your Flowmon appliance.

2. Select the Versions tab.

3. Click Update the Package List.

4. If the Flowmon update package is available, Flowmon OS appears in the list.

5. Click Install for the Flowmon OS package.

Or, for the manual package download from the Flowmon Support Portal:

6. Download the package from the Support portal. Do NOT unpack it.

7. Log in to the Configuration Center on your Flowmon appliance.

8. Select the Versions tab.

9. Click Import Package and select the update file you downloaded in step 6.

The remaining installation steps are common for both paths:

10. During the installation, all users are logged out and Flowmon may become briefly unavailable and respond with Server Error - 500.

11. Wait until a notification is displayed informing you that the update was successful.