CVE-2025-46295
CVSS Score
9.8
EPSS Score
0.0%
EPSS Percentile
0th
Apache Commons Text versions prior to 1.10.0 included interpolation features that could be abused when applications passed untrusted input into the text-substitution API. Because some interpolators could trigger actions like executing commands or accessing external resources, an attacker could potentially achieve remote code execution. This vulnerability has been fully addressed in FileMaker Server 22.0.4.
| Vendor | claris |
| Product | filemaker server |
| Published | Dec 16, 2025 |
| Last Updated | Feb 26, 2026 |
Stay Ahead of the Next One
Get instant alerts for claris filemaker server
Be the first to know when new critical vulnerabilities affecting claris filemaker server are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
Claris / FileMaker Server
unspecified < 22.0.4