CVE-2026-2251 - Vulnerability Details

- Path Traversal leading to Remote Code Execution (RCE)

Description

Improper limitation of a pathname to a restricted directory (Path Traversal) vulnerability in Xerox FreeFlow Core allows unauthorized path traversal leading to RCE.
This issue affects Xerox FreeFlow Core versions up to and including 8.0.7.

Please consider upgrading to FreeFlow Core version 8.1.0 via the software available on - https://www.support.xerox.com/en-us/product/core/downloads

https://www.support.xerox.com/en-us/product/core/downloads

Published: 2026-02-27

Score: 9.8 Critical

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

The vulnerability in Xerox FreeFlow Core allows an attacker to perform path traversal, bypassing directory restrictions, and gain the ability to execute arbitrary code. The weakness is identified as CWE-22, which permits attackers to escape designated directories and interact with the underlying filesystem. Compromise of the application can lead to full system takeover, data exfiltration, and persistent footholds, severely impacting confidentiality, integrity, and availability of the host running the software.

Affected Systems

The affected product is Xerox FreeFlow Core, versions up to and including 8.0.7. The company has released version 8.1.0 with the fix. Administrators should verify the current software version and assess whether they are on a vulnerable build.

Risk and Exploitability

The severity is high with a CVSS score of 9.8, yet the EPSS score is listed as less than 1%, indicating a very low probability of exploitation under current conditions. The vulnerability is not present in the CISA Known Exploited Vulnerabilities catalog. The likely attack vector is remote over the network through any exposed FreeFlow Core interface that accepts file paths, as no explicit entry mechanism is defined in the description; thus the attack is inferred to be network based.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Xerox

FreeFlow Core

unaffected

Version	Status	Constraints
`0`	affected	≤ 8.0.7

Configuration 1 [-]

cpe:2.3:a:xerox:freeflow_core:*:*:*:*:*:*:*:*

No data.

Vendor Product Confidence Versions

Xerox

Freeflow Core

100%

Version	Status	Scheme	Platform
`[0,8.0.7]`	affected	generic	['windows']

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Apply the vendor‐supplied upgrade to Xerox FreeFlow Core version 8.1.0 from the official download portal.
Configure the application to enforce strict input validation or directory whitelisting, ensuring that any file path handling rejects traversal characters and limits access to approved directories.
Reduce the attack surface by limiting network exposure of the FreeFlow Core services, applying firewall rules, and continuously monitoring for anomalous file‑access or command‑execution attempts.

Generated by OpenCVE AI on April 16, 2026 at 15:29 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00105.

Exploitation none

Automatable yes

Technical Impact total

References

Link	Providers
https://securitydocs.business.xerox.com/wp-content/uploads/2026/02/Xerox-Security-Bulletin-026-005-for-Xerox-Freeflow-Core.pdf

History

Tue, 03 Mar 2026 16:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Mon, 02 Mar 2026 18:30:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:2.3:a:xerox:freeflow_core::::::::

Fri, 27 Feb 2026 16:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Xerox Xerox freeflow Core
Vendors & Products		Xerox Xerox freeflow Core

Fri, 27 Feb 2026 08:30:00 +0000

Type	Values Removed	Values Added
Description		Improper limitation of a pathname to a restricted directory (Path Traversal) vulnerability in Xerox FreeFlow Core allows unauthorized path traversal leading to RCE. This issue affects Xerox FreeFlow Core versions up to and including 8.0.7. Please consider upgrading to FreeFlow Core version 8.1.0 via the software available on - https://www.support.xerox.com/en-us/product/core/downloads https://www.support.xerox.com/en-us/product/core/downloads
Title		Path Traversal leading to Remote Code Execution (RCE)
Weaknesses		CWE-22
References		https://securitydocs.business.xerox.com/wp-content/uploads/2026/02/Xerox-Security-Bulletin-026-005-for-Xerox-Freeflow-Core.pdf
Metrics		cvssV3_1 `{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}`

Subscriptions

Xerox Freeflow Core

MITRE

Status: PUBLISHED

Assigner: Xerox

Published: 2026-02-27T08:08:52.263Z

Updated: 2026-03-03T15:36:53.126Z

Reserved: 2026-02-09T14:29:07.126Z

Link: CVE-2026-2251

Vulnrichment

Updated: 2026-03-03T15:36:49.433Z

NVD

Status : Analyzed

Published: 2026-02-27T09:16:16.950

Modified: 2026-03-02T18:24:15.897

Link: CVE-2026-2251

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-16T15:30:06Z

Weaknesses

CWE-22

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable yes

Technical Impact total

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object