Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

M-Files Corporation — Vulnerabilities & Security Advisories 29

Browse all 29 CVE security advisories affecting M-Files Corporation. AI-powered Chinese analysis, POCs, and references for each vulnerability.

M-Files Corporation provides intelligent information management software that organizes data based on context rather than physical location, serving enterprises seeking unified document control. The platform’s architecture, which integrates with various enterprise systems, has historically exposed it to a range of security flaws, currently totaling 29 recorded Common Vulnerabilities and Exposures. These vulnerabilities predominantly involve remote code execution, cross-site scripting, and privilege escalation, often stemming from insufficient input validation or improper access controls within its web interface and API endpoints. While no catastrophic data breaches have been widely publicized, the accumulation of these CVEs highlights persistent challenges in securing complex enterprise integrations. M-Files Corporation has responded to these findings through regular patch cycles, yet the high volume of disclosed issues suggests ongoing risks for organizations relying on its unpatched or misconfigured deployments.

Found 18 results / 29Clear Filters
Top products by M-Files Corporation: M-Files Server Hubshare M-Files Web M-Files Hubshare M-Files Connector for Copilot M-Files Aino M-Files Admin M-Files Mobile
CVE IDTitleCVSSSeverityPublished
CVE-2026-0932 M-Files Server 安全漏洞 — M-Files ServerCWE-918 8.2AIHighAI2026-04-01
CVE-2026-0663 Denial of Service condition in M-Files Server — M-Files ServerCWE-1286 4.9AIMediumAI2026-01-21
CVE-2025-13008 Session Token Disclosure in M-Files Web — M-Files ServerCWE-359 6.5AIMediumAI2025-12-19
CVE-2025-14267 Unintended temporary cached data included in a structure only copy intended to be empty of data — M-Files ServerCWE-212 6.5AIMediumAI2025-12-19
CVE-2025-14318 Improper access validation in M-Files Server — M-Files ServerCWE-863 6.5AIMediumAI2025-12-18
CVE-2025-11681 Denial of Service condition in M-Files Server — M-Files ServerCWE-400 6.5AIMediumAI2025-11-17
CVE-2025-5964 Path traversal in M-Files API — M-Files ServerCWE-22 6.5AIMediumAI2025-06-15
CVE-2025-3086 User in anonymous role could create and delete views — M-Files ServerCWE-653 7.1AIHighAI2025-04-04
CVE-2025-0635 Denial of Service condition in M-Files Server — M-Files ServerCWE-770 7.5 -2025-01-23
CVE-2025-0619 Unsafe stored password recovery — M-Files ServerCWE-522 4.9 -2025-01-23
CVE-2025-0648 M-Files Server crash via EOT database driver configuration — M-Files ServerCWE-248 4.9 -2025-01-23
CVE-2024-10127 Support for authentication bypass condition in M-Files LDAP authentication — M-Files ServerCWE-303 8.1AIHighAI2024-11-20
CVE-2024-6789 Path traversal in M-Files API — M-Files ServerCWE-22 6.5AIMediumAI2024-08-27
CVE-2024-4056 Denial of service condition in M-Files Server — M-Files ServerCWE-1333 7.5 High2024-04-26
CVE-2024-0563 Denial of service condition in M-Files Server — M-Files ServerCWE-770 4.3 Medium2024-02-23
CVE-2023-6910 Uncontrolled Resource Consumption in M-Files Server — M-Files ServerCWE-770 6.5 Medium2023-12-20
CVE-2023-6912 Brute force vulnerability in M-Files user authentication — M-Files ServerCWE-307 7.5 High2023-12-20
CVE-2021-41810 Script injection in M-Files Admin — M-Files ServerCWE-79 5.2 Medium2022-05-02

This page lists every published CVE security advisory associated with M-Files Corporation. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.