CVE-2025-2091

medium

Description

An open redirection vulnerability in M-Files mobile applications for Android and iOS prior to version 25.6.0 allows attackers to use maliciously crafted PDF files to trick other users into making requests to untrusted URLs.

References

https://product.m-files.com/security-advisories/cve-2025-2091

Details

Source: Mitre, NVD

Published: 2025-06-16

Updated: 2025-06-16

Risk Information

CVSS v2

Base Score: 5.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 4.4

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

Severity: Medium

CVSS v4

Base Score: 4.8

Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Severity: Medium

EPSS

EPSS: 0.00038

Detections

Analytics

CVE-2025-2091

medium

Description

References

Details

Risk Information

CVSS v2

CVSS v3

CVSS v4

EPSS