295 matches found
EUVD-2026-3685
Denial-of-service vulnerability in M-Files Server versions before 26.1.15632.3 allows an authenticated attacker with vault administrator privileges to crash the M-Files Server process by calling a vulnerable API endpoint...
CVE-2026-0663 Denial of Service condition in M-Files Server
Denial-of-service vulnerability in M-Files Server versions before 26.1.15632.3 allows an authenticated attacker with vault administrator privileges to crash the M-Files Server process by calling a vulnerable API endpoint...
CVE-2026-0663
Denial-of-service vulnerability in M-Files Server versions before 26.1.15632.3 allows an authenticated attacker with vault administrator privileges to crash the M-Files Server process by calling a vulnerable API endpoint...
CVE-2026-0663
CVE-2026-0663 is a denial-of-service vulnerability in M-Files Server prior to version 26.1.15632.3 . An authenticated attacker with vault administrator privileges can crash the M-Files Server process by calling a vulnerable API endpoint, causing a server availability impact. Public details identi...
PT-2026-3760
Denial-of-service vulnerability in M-Files Server versions before 26.1.15632.3 allows an authenticated attacker with vault administrator privileges to crash the M-Files Server process by calling a vulnerable API endpoint...
M-Files Server security vulnerabilities
The M-Files Server is a server belonging to the M-Files company’s M-Files system. Versions of the M-Files Server prior to 26.1.15632.3 had security vulnerabilities. These vulnerabilities stemmed from vulnerable API endpoints, which could allow authenticated attackers to cause the server process t...
CVE-2025-13008
An information disclosure vulnerability in M-Files Server before versions 25.12.15491.7, 25.8 LTS SR3, 25.2 LTS SR3 and 24.8 LTS SR5 allows an authenticated attacker using M-Files Web to capture session tokens of other active users...
CVE-2025-14318
Improper access checks in M-Files Server before 25.12.15491.7 allows users to download files through M-Files Web using Web Companion despite Print and Download Prevention module being enabled...
CVE-2025-14267
Incomplete removal of sensitive information before transfer vulnerability in M-Files Corporation M-Files Server allows data leak exposure affecting versions before 25.12.15491.7...
CVE-2025-14267
Incomplete removal of sensitive information before transfer vulnerability in M-Files Corporation M-Files Server allows data leak exposure affecting versions before 25.12.15491.7...
CVE-2025-13008
CVE-2025-13008 describes an information-disclosure vulnerability in M-Files Server where an authenticated attacker using M-Files Web can capture session tokens of other active users. Affected versions include prior to 25.12.15491.7, 25.8 LTS SR3, 25.2 LTS SR3, and 24.8 LTS SR5. The root cause is ...
EUVD-2025-204468
An information disclosure vulnerability in M-Files Server before versions 25.12.15491.7, 25.8 LTS SR3, 25.2 LTS SR3 and 24.8 LTS SR5 allows an authenticated attacker using M-Files Web to capture session tokens of other active users...
CVE-2025-14267 Unintended temporary cached data included in a structure only copy intended to be empty of data
Incomplete removal of sensitive information before transfer vulnerability in M-Files Corporation M-Files Server allows data leak exposure affecting versions before 25.12.15491.7...
CVE-2025-14267 Unintended temporary cached data included in a structure only copy intended to be empty of data
Incomplete removal of sensitive information before transfer vulnerability in M-Files Corporation M-Files Server allows data leak exposure affecting versions before 25.12.15491.7...
CVE-2025-14267
CVE-2025-14267 affects M-Files Server prior to version 25.12.15491.7. The issue is incomplete removal of sensitive information before data transfer, enabling potential data-leak exposure. Affected component is the server-side handling of data transfer where sensitive data may remain cached/left b...
EUVD-2025-204453
Incomplete removal of sensitive information before transfer vulnerability in M-Files Corporation M-Files Server allows data leak exposure affecting versions before 25.12.15491.7...
PT-2025-52417
Name of the Vulnerable Software and Affected Versions M-Files Server versions prior to 25.12.15491.7 M-Files Server versions 25.8 LTS SR3, 25.2 LTS SR3, and 24.8 LTS SR5 Description An information disclosure issue exists in M-Files Server that could allow an authenticated attacker using M-Files W...
M-Files Server 安全漏洞
M-Files Server is a server for the M-Files system from M-Files, Inc. A security vulnerability exists in M-Files Server that originates from an authenticated attacker being able to capture session tokens of other active users via M-Files Web. The following versions are affected: versions prior to...
PT-2025-52414
Name of the Vulnerable Software and Affected Versions M-Files versions prior to 25.12.15491.7 Description A flaw exists in M-Files Server that involves the incomplete removal of sensitive information before data transfer, potentially leading to data leak exposure. Recommendations Update to versio...
M-Files Server 安全漏洞
M-Files Server is a server for the M-Files system from M-Files, Inc. A security vulnerability exists in M-Files Server versions prior to 25.12.15491.7, which stems from incomplete removal of sensitive information and could lead to a data leak...