Description
An authenticated administrator may be able to achieve arbitrary code execution on the host system by uploading a malicious file through the Open Source LLM setup feature in the Admin Console. This vulnerability has been addressed in FileMaker Server 26.0.1.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
No advisories yet.
References
History
Thu, 09 Jul 2026 19:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Claris
Claris filemaker Server |
|
| Vendors & Products |
Claris
Claris filemaker Server |
Thu, 09 Jul 2026 19:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-434 | |
| Metrics |
cvssV3_1
|
Thu, 09 Jul 2026 18:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | An authenticated administrator may be able to achieve arbitrary code execution on the host system by uploading a malicious file through the Open Source LLM setup feature in the Admin Console. This vulnerability has been addressed in FileMaker Server 26.0.1. | |
| References |
|
Status: PUBLISHED
Assigner: apple
Published:
Updated: 2026-07-09T18:58:10.863Z
Reserved: 2026-05-01T22:46:27.815Z
Link: CVE-2026-43752
Updated: 2026-07-09T18:46:45.500Z
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-09T19:30:17Z
Weaknesses
-
CWE-434
Unrestricted Upload of File with Dangerous Type