Unrated severityNVD Advisory· Published Dec 16, 2025· Updated Feb 26, 2026
CVE-2025-46295
CVE-2025-46295
Description
Apache Commons Text versions prior to 1.10.0 included interpolation features that could be abused when applications passed untrusted input into the text-substitution API. Because some interpolators could trigger actions like executing commands or accessing external resources, an attacker could potentially achieve remote code execution. This vulnerability has been fully addressed in FileMaker Server 22.0.4.
Affected products
2- Range: <1.10.0
- Claris/FileMaker Serverv5Range: unspecified
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.