CVE-2025-2091

UNKNOWN 0.0

Open redirection in M-Files Mobile

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

An open redirection vulnerability in M-Files mobile applications for Android and iOS prior to version 25.6.0 allows attackers to use maliciously crafted PDF files to trick other users into making requests to untrusted URLs.

CWE	CWE-601
Vendor	m-files corporation
Product	m-files mobile
Published	Jun 16, 2025
Last Updated	Feb 23, 2026

Stay Ahead of the Next One

Get instant alerts for m-files corporation m-files mobile

Be the first to know when new unknown vulnerabilities affecting m-files corporation m-files mobile are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

M-Files Corporation / M-Files Mobile

0 < 25.6.0

References

NVD ↗ CVE.org ↗ EPSS Data ↗

product.m-files.com: https://product.m-files.com/security-advisories/cve-2025-2091 empower.m-files.com: https://empower.m-files.com/security-advisories/CVE-2025-2091

Credits

Pasi Orovuo / Solita Oy Teemu Laakso / Solita Oy