📦 M Files Web

This vulnerability allows attackers to perform unlimited login attempts against certain M-Files user accounts, enabling brute-force attacks to guess passwords. It affects M-Files Server and M-Files We...

This vulnerability allows denial of service attacks against M-Files Web servers by sending HTTP requests with overlapping Range or Request-Range headers. It affects organizations using M-Files Web ver...

This vulnerability in M-Files Web allows remote attackers to access license key information for third-party components without authentication. It affects M-Files Web versions before 20.10.9524.1 and 2...

CVE-2025-3087 is a stored cross-site scripting (XSS) vulnerability in M-Files Web versions 25.1.14445.5 through 25.2.14524.4. It allows authenticated users to inject malicious scripts that execute in ...