Ghostwire

CVE-2026-43685: A Remote Code Execution vulnerability in Claris FileMaker Cloud allowed a user with Admin Console privileges to inject...

HIGH CVSS 7.5 EPSS 0.23%

Published: May 12, 2026 | Last Modified: May 12, 2026

Description

A Remote Code Execution vulnerability in Claris FileMaker Cloud allowed a user with Admin Console privileges to inject arbitrary operating system commands through unsanitized input in the External ODBC Data Source connection test feature. This issue is fixed in FileMaker Cloud 2.22.0.5.

Ghostwire Analysis — What This Means Practically

Exploitation Probability (EPSS): Low — 0.23% (46th percentile)

Low exploitation probability based on current threat landscape data. Standard patching timeline is appropriate.

High CVSS score indicates significant risk — exploitation could lead to substantial data exposure or system compromise.

This analysis is generated by Ghostwire from NVD, CISA KEV, EPSS, and open-source intelligence data. Verify findings through primary sources before acting.

CVE-2026-43685: A Remote Code Execution vulnerability in Claris FileMaker Cloud allowed a user with Admin Console privileges to inject...

Description

Ghostwire Analysis — What This Means Practically

Security Coverage (2 articles)

References