CVE-2026-43685
Summary
| CVE | CVE-2026-43685 |
|---|---|
| State | PUBLISHED |
| Assigner | apple |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2026-05-12 23:16:17 UTC |
| Updated | 2026-05-12 23:16:17 UTC |
| Description | A Remote Code Execution vulnerability in Claris FileMaker Cloud allowed a user with Admin Console privileges to inject arbitrary operating system commands through unsanitized input in the External ODBC Data Source connection test feature. This issue is fixed in FileMaker Cloud 2.22.0.5. |
Risk And Classification
Problem Types: A Remote Code Execution vulnerability in Claris FileMaker Cloud allowed a user with Admin Console privileges to inject arbitrary operating system commands through unsanitized input in the External ODBC Data Source connection test feature.
Vendor Declared Affected Products
| Source | Vendor | Product | Version | Platforms |
|---|---|---|---|---|
| CNA | Claris | FileMaker Cloud | affected 2.22.0.5 custom | Not specified |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| support.claris.com/s/answerview | [email protected] | support.claris.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.