M-Files Server is part of the M-Files Intelligent Information Management software that helps businesses find, share, and secure documents and other information. The server provides a platform for storing and managing all of your organization's documents. M-Files Server offers features for compliance, process automation, and quality management, making it useful for a variety of industries, including manufacturing, construction, pharmaceutical, and financial services.

M-Files Server

Local File Inclusion vulnerability in M-Files Server in versions before 24.11 (excluding 24.8 SR1, 24.2 SR3 and 23.8 SR7) allows an authenticated user to read server local files of a limited set of filetypes via document preview.

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2025-5964	HIGH	8.4	M-Files Server	cpe:2.3:a:m-files:m-files_server	No	Yes	Jun 15, 2025
CVE-2025-11681	HIGH	7.1	M-Files Server	cpe:2.3:a:m-files:m-files_server	No	Yes	Nov 17, 2025
CVE-2025-3086	MEDIUM	6.3	M-Files Server	cpe:2.3:a:m-files:m-files_server	No	Yes	Apr 04, 2025
CVE-2025-0635	MEDIUM	6.3	M-Files Server	cpe:2.3:a:m-files:m-files_server	No	Yes	Jan 23, 2025
CVE-2025-0648	MEDIUM	5.9	M-Files Server	cpe:2.3:a:m-files:m-files_server	No	Yes	Jan 23, 2025

CVE-2024-10126:
M-Files Server vulnerability analysis and mitigation

5.3

Related M-Files Server vulnerabilities:

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?

CVE-2024-10126: M-Files Server vulnerability analysis and mitigation