M-Files: >> M-Files Server >> 25.2.14524.13 Security Vulnerabilities
Denial-of-service vulnerability in M-Files Server versions before 26.1.15632.3 allows an authenticated attacker with vault administrator privileges to crash the M-Files Server process by calling a vulnerable API endpoint.
CVSS Score
4.9
EPSS Score
0.001
Published
2026-01-21
Incomplete removal of sensitive information before transfer vulnerability in M-Files Corporation M-Files Server allows data leak exposure affecting versions before 25.12.15491.7
CVSS Score
4.9
EPSS Score
0.0
Published
2025-12-19
Improper isolation of users in M-Files Server version before 25.3.14549 allows anonymous user to affect other anonymous users views and possibly cause a denial of service
CVSS Score
7.1
EPSS Score
0.003
Published
2025-04-04