CISA adds CVE-2026-25108 FileZen command injection vulnerability to Known Exploited Vulnerabilities catalog
CISA has added CVE-2026-25108 to its Known Exploited Vulnerabilities catalog. The entry covers an OS command injection vulnerability in Soliton Systems FileZen secure file transfer solution. The vendor has confirmed active exploitation and stated it has received multiple reports of damage from attackers abusing the flaw.
The vulnerability allows a remote authenticated attacker, after logging in, to inject OS commands by sending a specially crafted HTTP request that targets a specific field. It affects both the physical and virtual versions of FileZen, and exploitation requires that antivirus scanning be enabled. FileZen S is not affected.
The flaw impacts FileZen v5.0.0 to v5.0.10 and v4.2.1 to v4.2.8. Customers should upgrade to v5.0.11 or later. CISA has ordered US federal civilian agencies to mitigate the vulnerability
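The version ranges and preconditions above can be applied to an asset inventory. The following is an added example, not code from the vendor or CISA; the record fields, status labels and hostnames are assumptions, and versions outside the stated ranges are reported as not listed rather than assumed safe.

```python
import re

# Affected ranges and fixed version as stated in the article above.
AFFECTED_RANGES = [((5, 0, 0), (5, 0, 10)), ((4, 2, 1), (4, 2, 8))]
FIXED_VERSION = (5, 0, 11)


def parse_version(text):
    """Parse 'v5.0.10' or '5.0.10' into an integer tuple; None if malformed."""
    m = re.fullmatch(r"[vV]?(\d+)\.(\d+)\.(\d+)", text.strip())
    return tuple(int(g) for g in m.groups()) if m else None


def triage(product, version, av_scan_enabled):
    """Classify one inventory record (hypothetical schema) for CVE-2026-25108."""
    name = product.strip().lower()
    if name == "filezen s":
        return "not-affected"        # the article states FileZen S is unaffected
    if name != "filezen":
        return "out-of-scope"
    v = parse_version(version)
    if v is None:
        return "unknown-version"     # do not guess; confirm on the appliance
    if v >= FIXED_VERSION:
        return "fixed"
    if any(lo <= v <= hi for lo, hi in AFFECTED_RANGES):
        # Exploitation requires antivirus scanning to be enabled; a vulnerable
        # build with scanning off still needs the upgrade, so keep it visible.
        return "exposed" if av_scan_enabled else "affected-version-av-off"
    return "not-listed"              # outside the ranges the article gives


# Constructed sample inventory: hostnames and values are made up.
INVENTORY = [
    ("ft01.example.internal", "FileZen", "v5.0.10", True),
    ("ft02.example.internal", "FileZen", "5.0.9", True),   # 9 < 10 numerically
    ("ft03.example.internal", "FileZen", "v5.0.11", True),
    ("ft04.example.internal", "FileZen", "v4.2.8", False),
    ("ft05.example.internal", "FileZen S", "v5.0.3", True),
    ("ft06.example.internal", "FileZen", "5.0", True),     # malformed version
]


def report(inventory):
    """Map each host to its triage status."""
    return {host: triage(p, v, av) for host, p, v, av in inventory}


if __name__ == "__main__":
    for host, status in report(INVENTORY).items():
        print(f"{host:26} {status}")
```

Versions are compared as integer tuples because a plain string comparison would rank 5.0.9 above 5.0.10 and misclassify it.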
The FileZen solution enables secure
Public disclosures from the Japanese CERT Coordination Center and a ransomware incident reported
Sources
Published by Tech & Business, a media brand covering technology and business.
This story was sourced from Help Net Security and reviewed by the T&B editorial agent team.