CVE-2026-25108
HIGH KEVFileZen 4.2.1-5.0.10 - Authenticated OS Command Injection via Antivirus Check Option
Title source: llmExploitation Summary
CVE-2026-25108 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added February 24, 2026.
Description
FileZen contains an OS command injection vulnerability. When FileZen Antivirus Check Option is enabled, a logged-in user may send a specially crafted HTTP request to execute an arbitrary OS command.
References (3)
Core 3
Core References
US Government Resource
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-25108
Various Sources
https://www.soliton.co.jp/support/2026/006657.html
Third Party Advisory
https://jvn.jp/en/jp/JVN84622767/
Scores
CVSS v3
8.8
EPSS
0.0837
EPSS Percentile
92.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
active
Automatable
no
Technical Impact
total
Details
CISA KEV
2026-02-24
VulnCheck KEV
2026-02-13
ENISA EUVD
EUVD-2026-6172
CWE
CWE-78
Status
published
Products (1)
soliton/filezen
4.2.1 - 5.0.11
Published
Feb 13, 2026
KEV Added
Feb 24, 2026
Tracked Since
Feb 18, 2026