Browse all 29 CVE security advisories affecting M-Files Corporation. AI-powered Chinese analysis, POCs, and references for each vulnerability.
M-Files Corporation provides intelligent information management software that organizes data based on context rather than physical location, serving enterprises seeking unified document control. The platform’s architecture, which integrates with various enterprise systems, has historically exposed it to a range of security flaws, currently totaling 29 recorded Common Vulnerabilities and Exposures. These vulnerabilities predominantly involve remote code execution, cross-site scripting, and privilege escalation, often stemming from insufficient input validation or improper access controls within its web interface and API endpoints. While no catastrophic data breaches have been widely publicized, the accumulation of these CVEs highlights persistent challenges in securing complex enterprise integrations. M-Files Corporation has responded to these findings through regular patch cycles, yet the high volume of disclosed issues suggests ongoing risks for organizations relying on its unpatched or misconfigured deployments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-3087 | Stored XSS Vulnerability in M-Files Web — M-Files WebCWE-79 | 5.4AI | MediumAI | 2025-04-04 |
| CVE-2023-4479 | Stored XSS Vulnerability in M-Files Web — M-Files WebCWE-79 | 7.3 | High | 2024-03-04 |
This page lists every published CVE security advisory associated with M-Files Corporation. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.