PT-2026-3760 · M Files · M-Files Server
Published
2026-01-21
·
Updated
2026-01-21
·
CVE-2026-0663
CVSS v4.0
6.9
Medium
| Vector | AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N |
Name of the Vulnerable Software and Affected Versions
M-Files Server versions prior to 26.1.15632.3
Description
An authenticated attacker with vault administrator privileges can cause the M-Files Server process to crash by calling a vulnerable API endpoint. The issue is a denial-of-service condition.
Recommendations
Update M-Files Server to version 26.1.15632.3 or later.
Fix
DoS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
M-Files Server