CISA Confirms Active Exploitation of FileZen CVE-2026-25108 Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday added a recently disclosed vulnerability in FileZen to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2026-25108 CVSS v4 score: 8.7, is a case of...

CVE-2026-25108

FileZen contains an OS command injection vulnerability. When FileZen Antivirus Check Option is enabled, a logged-in user may send a specially crafted HTTP request to execute an arbitrary OS command...

FileZen vulnerable to OS command injection

Overview FileZen provided by Soliton Systems K.K. contains the following vulnerability. OS command injection CWE-78 - CVE-2026-25108 This vulnerability can be exploited when FileZen Antivirus Check Option is enabled The developer states that attacks exploiting the vulnerability has been observed...

CVE-2026-25108

FileZen contains an OS command injection vulnerability. When FileZen Antivirus Check Option is enabled, a logged-in user may send a specially crafted HTTP request to execute an arbitrary OS command...

EUVD-2020-26800

Malware in sbrugna...

EUVD-2021-8073

Malicious code in bioql PyPI...

CVE-2021-20655

FileZen V3.0.0 to V4.2.7 and V5.0.0 to V5.0.2 allows a remote attacker with administrator rights to execute arbitrary OS commands via unspecified vectors...