Every CVE whose affected-product data names Filerise, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (12)
CVE-2025-68116 — CVSS 8.9 (high): FileRise is a self-hosted web file manager / WebDAV server. Versions prior to 2.7.1 are vulnerable to Stored Cross-Site Scripting (XSS) due…
CVE-2026-33072 — CVSS 8.2 (high): FileRise is a self-hosted web file manager / WebDAV server. In versions prior to 3.9.0, a hardcoded default encryption key…
CVE-2026-33329 — CVSS 8.1 (high): FileRise is a self-hosted web file manager / WebDAV server. From version 1.0.1 to before version 3.10.0, the resumableIdentifier parameter…
CVE-2025-62509 — CVSS 8.1 (high): FileRise is a self-hosted web-based file manager with multi-file upload, editing, and batch operations. Prior to version 1.4.0, a business…
CVE-2025-62510 — CVSS 8.1 (high): FileRise is a self-hosted web-based file manager with multi-file upload, editing, and batch operations. In version 1.4.0, a regression…
CVE-2026-25231 — CVSS 7.5 (high): FileRise is a self-hosted web file manager / WebDAV server. Versions prior to 3.3.0, the application contains an unauthenticated file read…
CVE-2026-33330 — CVSS 7.1 (high): FileRise is a self-hosted web file manager / WebDAV server. Prior to version 3.10.0, a broken access control issue in FileRise's ONLYOFFICE…
CVE-2025-66403 — CVSS 4.6 (medium): FileRise is a self-hosted web-based file manager with multi-file upload, editing, and batch operations. Prior to 2.2.3, a stored cross-site…
CVE-2026-25230 — CVSS 4.6 (medium): FileRise is a self-hosted web file manager / WebDAV server. Prior to 3.3.0, an HTML Injection vulnerability allows an authenticated user to…
CVE-2026-33477 — CVSS 4.3 (medium): FileRise is a self-hosted web-based file manager with multi-file upload, editing, and batch operations. In versiosn 2.3.7 through 3.10.0…
CVE-2026-33071 — CVSS 4.3 (medium): FileRise is a self-hosted web file manager / WebDAV server. In versions prior to 3.8.0, the WebDAV upload endpoint accepts any file…
CVE-2026-33070 — CVSS 3.7 (low): FileRise is a self-hosted web file manager / WebDAV server. In versions prior to 3.8.0, a missing-authentication vulnerability in the…