M-files server

This hub aggregates every CVE we track for M-files server, a product in the enterprise software space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting M-files server.

• CVE-2026-0932Blind server-side request forgery (SSRF) vulnerability in legacy connection methods of document co-authoring features in M-Files Server before 26.3 allow an unauthenticated attacker to cause the se...7.3Apr 1, 2026
• CVE-2026-0663Denial of Service condition in M-Files Server4.9Jan 21, 2026
• CVE-2025-14267Unintended temporary cached data included in a structure only copy intended to be empty of data4.9Dec 19, 2025
• CVE-2025-14318Improper access validation in M-Files Server4.3Dec 18, 2025
• CVE-2025-11681Denial of Service condition in M-Files Server6.5Nov 17, 2025
• CVE-2025-5964Path traversal in M-Files API6.5Jun 15, 2025
• CVE-2025-3086User in anonymous role could create and delete views7.1Apr 4, 2025
• CVE-2025-0635Denial of Service condition in M-Files Server7.5Jan 23, 2025
• CVE-2025-0619Unsafe stored password recovery4.9Jan 23, 2025
• CVE-2025-0648M-Files Server crash via EOT database driver configuration4.9Jan 23, 2025
• CVE-2024-10126Local file inclusion vulnerability in M-Files Server4.3Nov 20, 2024
• CVE-2024-10127Support for authentication bypass condition in M-Files LDAP authentication9.8Nov 20, 2024
• CVE-2024-6789Path traversal in M-Files API6.5Aug 27, 2024
• CVE-2024-4056Denial of service condition in M-Files Server7.5Apr 26, 2024
• CVE-2024-0563Denial of service condition in M-Files Server4.3Feb 23, 2024