Xerox Freeflow Core

9 CVEs affecting Xerox Freeflow Core. Latest disclosed: 2026-02-27. Critical: 2, High: 7.

Top CVEs affecting Xerox Freeflow Core
CVESeverityScorePublishedSummary
CVE-2026-2251Critical9.82026-02-27Improper limitation of a pathname to a restricted directory (Path Traversal) vulnerability in Xerox FreeFlow Core allows unauthorized path traversal leading to…
CVE-2025-8356Critical9.82025-08-08In Xerox FreeFlow Core version 8.0.4, an attacker can exploit a Path Traversal vulnerability to access unauthorized files on the server. This can lead to Remot…
CVE-2024-47557High8.32024-10-07Pre-Auth RCE via Path Traversal
CVE-2024-47556High8.32024-10-07Pre-Auth RCE via Path Traversal
CVE-2024-47555High8.32024-10-07Missing Authentication - User & System Configuration
CVE-2024-47559High7.62024-10-07Authenticated RCE via Path Traversal
CVE-2024-47558High7.62024-10-07Authenticated RCE via Path Traversal
CVE-2026-2252High7.52026-02-27An XML External Entity (XXE) vulnerability allows malicious user to perform Server-Side Request Forgery (SSRF) via crafted XML input containing malicious exter…
CVE-2025-8355High7.52025-08-08In Xerox FreeFlow Core version 8.0.4, improper handling of XML input allows injection of external entities. An attacker can craft malicious XML containing refe…