PatchSiren cyber security CVE debrief
CVE-2026-43752 Claris CVE debrief
An authenticated administrator may be able to achieve arbitrary code execution on the host system by uploading a malicious file through the Open Source LLM setup feature in the Admin Console. This vulnerability has been addressed in FileMaker Server 26.0.1. The vulnerability has a CVSS score of 4.9 and is considered medium-severity. The vulnerability requires administrative privileges to exploit.
- Vendor
- Claris
- Product
- FileMaker Server
- CVSS
- MEDIUM 4.9
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-09
- Original CVE updated
- 2026-07-10
- Advisory published
- 2026-07-09
- Advisory updated
- 2026-07-10
Who should care
Administrators and users of FileMaker Server 26.0.1, particularly those with administrative privileges, should be aware of this vulnerability and take necessary precautions. They should verify their systems and apply the patch if necessary.
Technical summary
CVE-2026-43752 is a medium-severity vulnerability (CVSS score: 4.9) that allows an authenticated administrator to execute arbitrary code on the host system. The vulnerability is caused by a flaw in the Open Source LLM setup feature in the Admin Console, which can be exploited by uploading a malicious file. The vulnerability affects FileMaker Server 26.0.1 and has been addressed in this version. To mitigate this vulnerability, administrators should verify their systems and apply the patch if necessary. Additionally, they should restrict administrative access to the Admin Console to only trusted administrators and monitor for suspicious activity by regularly reviewing system logs for potential exploitation attempts.
Defensive priority
Medium priority due to the requirement for administrative privileges and the availability of a patch.
Recommended defensive actions
- Apply the patch: Upgrade to FileMaker Server 26.0.1 to address the vulnerability.
- Restrict administrative access: Limit access to the Admin Console to only trusted administrators.
- Monitor for suspicious activity: Regularly review system logs for potential exploitation attempts.
- Review compensating controls for exposed systems while remediation is scheduled and verified.
- Check relevant monitoring, detection, and logs for exposed assets that need extra review.
- Track exceptions, retest remediated assets, and close the item only after evidence is documented.
- Confirm whether affected product deployments exist in managed environments and assign an owner for follow-up.
Evidence notes
The CVE record was published on 2026-07-09T18:16:52.160Z and last modified on 2026-07-10T14:34:22.677Z. The NVD entry is currently Analyzed. The vulnerability affects FileMaker Server 26.0.1 and has been addressed in this version. Administrators should verify their systems and apply the patch if necessary.
Official resources
-
CVE-2026-43752 CVE record
CVE.org
-
CVE-2026-43752 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
[email protected] - Vendor Advisory
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-09T18:16:52.160Z and has not been modified since then. The NVD entry is currently Analyzed.