CVE-2026-2251

Improper limitation of a pathname to a restricted directory (Path Traversal) vulnerability in Xerox FreeFlow Core allows unauthorized path traversal leading to RCE. This issue affects Xerox FreeFlow Core versions up to and including 8.0.7. Please consider upgrading to FreeFlow Core version 8.1.0 via the software available on - https://www.support.xerox.com/en-us/product/core/downloads https://www.support.xerox.com/en-us/product/core/downloads

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://securitydocs.business.xerox.com/wp-content/uploads/2026/02/Xerox-Security-Bulletin-026-005-for-Xerox-Freeflow-Core.pdf	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:xerox:freeflow_core:*:*:*:*:*:*:*:*

History

17 Jun 2026, 10:30

Type	Values Removed	Values Added
Summary		(es) La vulnerabilidad de limitación inadecuada de un nombre de ruta a un directorio restringido (Salto de ruta) en Xerox FreeFlow Core permite un salto de ruta no autorizado que conduce a RCE. Este problema afecta a las versiones de Xerox FreeFlow Core hasta la 8.0.7 inclusive. Considere actualizar a la versión 8.1.0 de FreeFlow Core a través del software disponible en - https://www.support.xerox.com/en-us/product/core/downloads https://www.support.xerox.com/en-us/product/core/downloads

02 Mar 2026, 18:24

Type	Values Removed	Values Added
References	~~() https://securitydocs.business.xerox.com/wp-content/uploads/2026/02/Xerox-Security-Bulletin-026-005-for-Xerox-Freeflow-Core.pdf -~~	() https://securitydocs.business.xerox.com/wp-content/uploads/2026/02/Xerox-Security-Bulletin-026-005-for-Xerox-Freeflow-Core.pdf - Vendor Advisory
CPE		cpe:2.3:a:xerox:freeflow_core::::::::
First Time		Xerox freeflow Core Xerox

27 Feb 2026, 09:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-02-27 09:16

Updated : 2026-06-17 10:30

NVD link : CVE-2026-2251

Mitre link : CVE-2026-2251

CVE.ORG link : CVE-2026-2251

JSON object : View

Products Affected

xerox

freeflow_core

CWE

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

{"id": "CVE-2026-2251", "cveTags": [], "metrics": {"ssvcV203": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "ssvcData": {"id": "CVE-2026-2251", "role": "CISA Coordinator", "options": [{"exploitation": "none"}, {"automatable": "yes"}, {"technicalImpact": "total"}], "version": "2.0.3", "timestamp": "2026-02-28T04:55:30.258511Z"}}], "cvssMetricV31": [{"type": "Secondary", "source": "10b61619-3869-496c-8a1e-f291b0e71e3f", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "affected": [{"source": "10b61619-3869-496c-8a1e-f291b0e71e3f", "affectedData": [{"vendor": "Xerox", "product": "FreeFlow Core", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "8.0.7"}], "platforms": ["Windows"], "defaultStatus": "unaffected"}]}], "published": "2026-02-27T09:16:16.950", "references": [{"url": "https://securitydocs.business.xerox.com/wp-content/uploads/2026/02/Xerox-Security-Bulletin-026-005-for-Xerox-Freeflow-Core.pdf", "tags": ["Vendor Advisory"], "source": "10b61619-3869-496c-8a1e-f291b0e71e3f"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "10b61619-3869-496c-8a1e-f291b0e71e3f", "description": [{"lang": "en", "value": "CWE-22"}]}], "descriptions": [{"lang": "en", "value": "Improper limitation of a pathname to a restricted directory (Path Traversal) vulnerability in Xerox FreeFlow Core allows unauthorized path traversal leading to RCE. \nThis issue affects Xerox FreeFlow Core versions up to and including 8.0.7.\n\n\n\n\n\n\n\nPlease consider upgrading to FreeFlow Core version 8.1.0 via the software available on - https://www.support.xerox.com/en-us/product/core/downloads \n\n https://www.support.xerox.com/en-us/product/core/downloads"}, {"lang": "es", "value": "La vulnerabilidad de limitaci\u00f3n inadecuada de un nombre de ruta a un directorio restringido (Salto de ruta) en Xerox FreeFlow Core permite un salto de ruta no autorizado que conduce a RCE.\nEste problema afecta a las versiones de Xerox FreeFlow Core hasta la 8.0.7 inclusive.\n\nConsidere actualizar a la versi\u00f3n 8.1.0 de FreeFlow Core a trav\u00e9s del software disponible en - https://www.support.xerox.com/en-us/product/core/downloads\n\nhttps://www.support.xerox.com/en-us/product/core/downloads"}], "lastModified": "2026-06-17T10:30:38.033", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:xerox:freeflow_core:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BB016BFC-2C5B-4CFA-BC3C-B5A9DBF893F1", "versionEndExcluding": "8.1.0"}], "operator": "OR"}]}], "sourceIdentifier": "10b61619-3869-496c-8a1e-f291b0e71e3f"}