GFI Software — Vulnerabilities & Security Advisories 26

Browse all 26 CVE security advisories affecting GFI Software. AI-powered Chinese analysis, POCs, and references for each vulnerability.

GFI Software develops IT management and security solutions, primarily focusing on endpoint protection, backup, and network monitoring for small to medium-sized enterprises. Historical analysis reveals a pattern of critical vulnerabilities within its software suite, including Remote Code Execution (RCE), Cross-Site Scripting (XSS), and privilege escalation flaws. These defects often stem from insufficient input validation and improper access controls in web-based interfaces and administrative consoles. With 26 Common Vulnerabilities and Exposures (CVEs) currently on record, the company has faced scrutiny regarding its patch management cadence and code security practices. While specific major data breaches directly attributed to these CVEs are not widely publicized, the cumulative risk profile suggests significant exposure for organizations relying on unpatched instances. The recurring nature of these issues highlights ongoing challenges in maintaining robust security hygiene across its product line, necessitating rigorous vulnerability scanning and timely updates for deployed systems to mitigate potential exploitation by threat actors.

Found 18 results / 26

| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2026-23621 | GFI MailEssentials AI < 22.4 ListServer.IsPathExist() Absolute Directory Traversal to File Enumeration | MailEssentials AI | CWE-203 | 4.3 | Medium | 2026-02-19 |
| CVE-2026-23620 | GFI MailEssentials AI < 22.4 ListServer.IsDbExist() Absolute Directory Traversal to File Enumeration | MailEssentials AI | CWE-203 | 4.3 | Medium | 2026-02-19 |
| CVE-2026-23619 | GFI MailEssentials AI < 22.4 General Settings Local Domains Domain Description Stored XSS | MailEssentials AI | CWE-79 | 5.4 | Medium | 2026-02-19 |
| CVE-2026-23618 | GFI MailEssentials AI < 22.4 Anti-Spam Spam Keyword Checking Subject Condition Stored XSS | MailEssentials AI | CWE-79 | 5.4 | Medium | 2026-02-19 |
| CVE-2026-23617 | GFI MailEssentials AI < 22.4 Anti-Spam Spam Keyword Checking Body Condition Stored XSS | MailEssentials AI | CWE-79 | 5.4 | Medium | 2026-02-19 |
| CVE-2026-23616 | GFI MailEssentials AI < 22.4 Anti-Spam Anti-Spoofing Description Stored XSS | MailEssentials AI | CWE-79 | 5.4 | Medium | 2026-02-19 |
| CVE-2026-23615 | GFI MailEssentials AI < 22.4 Anti-Spam Sender Policy Framework Email Exceptions Description Stored XSS | MailEssentials AI | CWE-79 | 5.4 | Medium | 2026-02-19 |
| CVE-2026-23614 | GFI MailEssentials AI < 22.4 Anti-Spam Sender Policy Framework IP Exceptions Description Stored XSS | MailEssentials AI | CWE-79 | 5.4 | Medium | 2026-02-19 |
| CVE-2026-23613 | GFI MailEssentials AI < 22.4 Anti-Spam URI DNS Blocklist Domain Stored XSS | MailEssentials AI | CWE-79 | 5.4 | Medium | 2026-02-19 |
| CVE-2026-23612 | GFI MailEssentials AI < 22.4 Anti-Spam IP DNS Blocklist Domain Stored XSS | MailEssentials AI | CWE-79 | 5.4 | Medium | 2026-02-19 |
| CVE-2026-23611 | GFI MailEssentials AI < 22.4 Anti-Spam IP Blocklist Description Stored XSS | MailEssentials AI | CWE-79 | 5.4 | Medium | 2026-02-19 |
| CVE-2026-23610 | GFI MailEssentials AI < 22.4 POP2Exchange POP3 Server Login Stored XSS | MailEssentials AI | CWE-79 | 5.4 | Medium | 2026-02-19 |
| CVE-2026-23609 | GFI MailEssentials AI < 22.4 General Settings Perimeter SMTP Servers Description Stored XSS | MailEssentials AI | CWE-79 | 5.4 | Medium | 2026-02-19 |
| CVE-2026-23608 | GFI MailEssentials AI < 22.4 Email Management Mail Monitoring Rule Stored XSS | MailEssentials AI | CWE-79 | 5.4 | Medium | 2026-02-19 |
| CVE-2026-23607 | GFI MailEssentials AI < 22.4 Anti-Spam Whitelist Description Stored XSS | MailEssentials AI | CWE-79 | 5.4 | Medium | 2026-02-19 |
| CVE-2026-23606 | GFI MailEssentials AI < 22.4 Advanced Content Filtering Rule Stored XSS | MailEssentials AI | CWE-79 | 5.4 | Medium | 2026-02-19 |
| CVE-2026-23605 | GFI MailEssentials AI < 22.4 Attachment Filtering Rule Stored XSS | MailEssentials AI | CWE-79 | 5.4 | Medium | 2026-02-19 |
| CVE-2026-23604 | GFI MailEssentials AI < 22.4 Keyword Filtering Rule Stored XSS | MailEssentials AI | CWE-79 | 5.4 | Medium | 2026-02-19 |

This page lists every published CVE security advisory associated with GFI Software. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.