An authenticated administrator may be able to achieve arbitrary code execution on the host system by uploading a malicious file through the Open Source LLM setup feature in the Admin Console. This vulnerability has been addressed in FileMaker Server 26.0.1.
Advisories
No advisories yet.
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Thu, 09 Jul 2026 19:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Claris
Claris filemaker Server |
|
| Vendors & Products |
Claris
Claris filemaker Server |
Thu, 09 Jul 2026 19:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-434 | |
| Metrics |
cvssV3_1
|
Thu, 09 Jul 2026 18:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | An authenticated administrator may be able to achieve arbitrary code execution on the host system by uploading a malicious file through the Open Source LLM setup feature in the Admin Console. This vulnerability has been addressed in FileMaker Server 26.0.1. | |
| References |
|
Projects
Sign in to view the affected projects.
Status: PUBLISHED
Assigner: apple
Published:
Updated: 2026-07-09T18:58:10.863Z
Reserved: 2026-05-01T22:46:27.815Z
Link: CVE-2026-43752
Updated: 2026-07-09T18:46:45.500Z
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-09T19:30:17Z
Weaknesses