M Files · My Files · CVE-2025-2091
**Name of the Vulnerable Software and Affected Versions**
M-Files mobile applications for Android and iOS versions prior to 25.6.0
**Description**
An open redirection issue allows attackers to use maliciously crafted PDF files to trick other users into making requests to untrusted URLs. This can be achieved by utilizing specially crafted PDF files to deceive users into accessing potentially harmful websites.
**Recommendations**
For versions prior to 25.6.0, update to version 25.6.0 or later to resolve the issue. As a temporary workaround, consider avoiding the use of PDF files from untrusted sources within the M-Files mobile application until the update is applied.