Every CVE whose affected-product data names Xerox Freeflow Core, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2026-2251 — CVSS 9.8 (critical): Improper limitation of a pathname to a restricted directory (Path Traversal) vulnerability in Xerox FreeFlow Core allows unauthorized path…
CVE-2025-8356 — CVSS 9.8 (critical): In Xerox FreeFlow Core version 8.0.4, an attacker can exploit a Path Traversal vulnerability to access unauthorized files on the server…
CVE-2026-2252 — CVSS 7.5 (high): An XML External Entity (XXE) vulnerability allows malicious user to perform Server-Side Request Forgery (SSRF) via crafted XML input…
CVE-2025-8355 — CVSS 7.5 (high): In Xerox FreeFlow Core version 8.0.4, improper handling of XML input allows injection of external entities. An attacker can craft malicious…