Keyfactor Signserver
4 CVEs affecting Keyfactor Signserver. Latest disclosed: 2025-12-22. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-47222 | Medium | 6.5 | 2025-11-13 | A class name enumeration was found in Keyfactor SignServer versions prior to 7.3.2. Setting any chosen class name to any of the properties requiring a class pa… |
CVE-2025-47221 | Medium | 5.3 | 2025-11-13 | An arbitrary file write was found in Keyfactor SignServer versions prior to 7.3.2. The properties ARCHIVETODISK_FILENAME-PATTERN, ARCHIVETODISK_PATH_BASE, ARCH… |
CVE-2025-47220 | Medium | 5.3 | 2025-11-13 | A local file enumeration was found in Keyfactor SignServer versions prior to 7.3.2 .The property VISIBLE_SIGNATURE_CUSTOM_IMAGE_PATH, which exists in the PDFSi… |
CVE-2025-26787 | Medium | 4.7 | 2025-12-22 | An error in the SignServer container startup logic was found in Keyfactor SignServer versions prior to 7.2. The Admin CLI command used to configure Certificate… |