Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

fileflows

Source -

CNA

CNA CVEs -

1

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
1Vulnerabilities found
CVE-2025-15585
Assigner-ab69c47f-b95e-4bf2-b2d9-4b1fd1b24b4a
ShareView Details
Assigner-ab69c47f-b95e-4bf2-b2d9-4b1fd1b24b4a
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 8.57%
||
7 Day CHG~0.00%
Published-18 Feb, 2026 | 23:44
Updated-19 Feb, 2026 | 17:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Fileflows versions before 25.05.2 are affected by an authenticated SQL injection vulnerability in the library-file search function. Successful exploitation requires the system to use MySQL as the underlying database and could result in privilege escalation or data exfiltration.

Action-Not Available
Vendor-fileflows
Product-fileflows
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')