CVE-2025-11681
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-11-17
Last updated on: 2026-02-23
Assigner: M-Files Corporation
Description
Description
Denial-of-service condition in M-Files Server versions before 25.11.15392.1, before 25.2 LTS SR2 and before 25.8 LTS SR2 allows an authenticated user to cause the MFserver process to crash.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| m-files | m-files_server | to 25.2.14524.13 (exc) |
| m-files | m-files_server | to 25.11.15392.1 (exc) |
| m-files | m-files_server | From 25.8.15085.13 (inc) to 25.8.15085.17 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-400 | The product does not properly control the allocation and maintenance of a limited resource. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a denial-of-service condition in M-Files Server versions before 25.11.15392.1 that allows an authenticated user to cause the MFserver process to crash.
How can this vulnerability impact me? :
An authenticated user can exploit this vulnerability to crash the MFserver process, resulting in a denial-of-service condition that disrupts the availability of the M-Files Server.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70