Vulnerability Details CVE-2026-43685
A Remote Code Execution vulnerability in Claris FileMaker Cloud allowed a user with Admin Console privileges to inject arbitrary operating system commands through unsanitized input in the External ODBC Data Source connection test feature. This issue is fixed in FileMaker Cloud 2.22.0.5.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 54.1%
CVSS Severity
CVSS v3 Score 7.2
Products affected by CVE-2026-43685
-
cpe:2.3:a:claris:filemaker_cloud:2.20.1.1
-
cpe:2.3:a:claris:filemaker_cloud:2.20.1.2
-
cpe:2.3:a:claris:filemaker_cloud:2.20.1.215
-
cpe:2.3:a:claris:filemaker_cloud:2.20.1.3
-
cpe:2.3:a:claris:filemaker_cloud:2.20.1.4
-
cpe:2.3:a:claris:filemaker_cloud:2.20.1.6
-
cpe:2.3:a:claris:filemaker_cloud:2.21.0.1
-
cpe:2.3:a:claris:filemaker_cloud:2.21.0.2
-
cpe:2.3:a:claris:filemaker_cloud:2.21.0.3
-
cpe:2.3:a:claris:filemaker_cloud:2.21.1.1
-
cpe:2.3:a:claris:filemaker_cloud:2.21.1.2
-
cpe:2.3:a:claris:filemaker_cloud:2.21.1.3
-
cpe:2.3:a:claris:filemaker_cloud:2.22.0
-
cpe:2.3:a:claris:filemaker_cloud:2.22.0.2