GCVE - cpe:2.3:a:m-files_corporation:m-files_server:25.2.14524.14:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:m-files_corporation:m-files_server:25.2.14524.14:*:*:*:*:*:*:*

part: a version: 25.2.14524.14 update: *

Vendor	M Files Corporation (`2362f32a-0a24-5310-a96b-161849f50ffc`)
Product	M Files Server (`f876d50f-03f6-5f25-a9d1-a89f0dea6c10`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2025-13008`	not_vulnerable	2026-06-08 07:04:31.442729	Session Token Disclosure in M-Files Web An information disclosure vulnerability in M-Files Server before versions 25.12.15491.7, 25.8 LTS SR3, 25.2 LTS SR3 and 24.8 LTS SR5 allows an authenticated attacker using M-Files Web to capture session tokens of other active users. Published: 2025-12-19T07:04:19.709Z Updated: 2026-02-23T10:34:29.942Z Open on db.gcve.eu Reference links https://product.m-files.com/security-advisories/cve-2025-13008 https://empower.m-files.com/security-advisories/CVE-2025-13008	Imported from gcve-enriched-dumps CVE data

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.