Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

GFI Software — Vulnerabilities & Security Advisories 26

Browse all 26 CVE security advisories affecting GFI Software. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by GFI Software:MailEssentials AIHelpDeskKerio Control
CVE IDTitleCVSSSeverityPublished
CVE-2026-23753 GFI HelpDesk < 4.99.9 Stored XSS via charset Parameter — HelpDeskCWE-79 4.8 Medium2026-04-20
CVE-2026-23752 GFI HelpDesk < 4.99.9 Stored XSS via companyname Parameter — HelpDeskCWE-79 4.8 Medium2026-04-20
CVE-2026-23756 GFI HelpDesk < 4.99.9 Stored XSS via Troubleshooter Step Subject — HelpDeskCWE-79 5.4 Medium2026-04-20
CVE-2026-23758 GFI HelpDesk < 4.99.9 Stored XSS via editsubject Parameter — HelpDeskCWE-79 5.4AIMediumAI2026-04-20
CVE-2026-23757 GFI HelpDesk < 4.99.10 Stored XSS via Reports Module — HelpDeskCWE-79 5.4 Medium2026-04-20
CVE-2026-23621 GFI MailEssentials AI < 22.4 ListServer.IsPathExist() Absolute Directory Traversal to File Enumeration — MailEssentials AICWE-203 4.3 Medium2026-02-19
CVE-2026-23620 GFI MailEssentials AI < 22.4 ListServer.IsDbExist() Absolute Directory Traversal to File Enumeration — MailEssentials AICWE-203 4.3 Medium2026-02-19
CVE-2026-23619 GFI MailEssentials AI < 22.4 General Settings Local Domains Domain Description Stored XSS — MailEssentials AICWE-79 5.4 Medium2026-02-19
CVE-2026-23618 GFI MailEssentials AI < 22.4 Anti-Spam Spam Keyword Checking Subject Condition Stored XSS — MailEssentials AICWE-79 5.4 Medium2026-02-19
CVE-2026-23617 GFI MailEssentials AI < 22.4 Anti-Spam Spam Keyword Checking Body Condition Stored XSS — MailEssentials AICWE-79 5.4 Medium2026-02-19
CVE-2026-23616 GFI MailEssentials AI < 22.4 Anti-Spam Anti-Spoofing Description Stored XSS — MailEssentials AICWE-79 5.4 Medium2026-02-19
CVE-2026-23615 GFI MailEssentials AI < 22.4 Anti-Spam Sender Policy Framework Email Exceptions Description Stored XSS — MailEssentials AICWE-79 5.4 Medium2026-02-19
CVE-2026-23614 GFI MailEssentials AI < 22.4 Anti-Spam Sender Policy Framework IP Exceptions Description Stored XSS — MailEssentials AICWE-79 5.4 Medium2026-02-19
CVE-2026-23613 GFI MailEssentials AI < 22.4 Anti-Spam URI DNS Blocklist Domain Stored XSS — MailEssentials AICWE-79 5.4 Medium2026-02-19
CVE-2026-23612 GFI MailEssentials AI < 22.4 Anti-Spam IP DNS Blocklist Domain Stored XSS — MailEssentials AICWE-79 5.4 Medium2026-02-19
CVE-2026-23611 GFI MailEssentials AI < 22.4 Anti-Spam IP Blocklist Description Stored XSS — MailEssentials AICWE-79 5.4 Medium2026-02-19
CVE-2026-23610 GFI MailEssentials AI < 22.4 POP2Exchange POP3 Server Login Stored XSS — MailEssentials AICWE-79 5.4 Medium2026-02-19
CVE-2026-23609 GFI MailEssentials AI < 22.4 General Settings Perimeter SMTP Servers Description Stored XSS — MailEssentials AICWE-79 5.4 Medium2026-02-19
CVE-2026-23608 GFI MailEssentials AI < 22.4 Email Management Mail Monitoring Rule Stored XSS — MailEssentials AICWE-79 5.4 Medium2026-02-19
CVE-2026-23607 GFI MailEssentials AI < 22.4 Anti-Spam Whitelist Description Stored XSS — MailEssentials AICWE-79 5.4 Medium2026-02-19
CVE-2026-23606 GFI MailEssentials AI < 22.4 Advanced Content Filtering Rule Stored XSS — MailEssentials AICWE-79 5.4 Medium2026-02-19
CVE-2026-23605 GFI MailEssentials AI < 22.4 Attachment Filtering Rule Stored XSS — MailEssentials AICWE-79 5.4 Medium2026-02-19
CVE-2026-23604 GFI MailEssentials AI < 22.4 Keyword Filtering Rule Stored XSS — MailEssentials AICWE-79 5.4 Medium2026-02-19
CVE-2025-34071 GFI Kerio Control Unsigned System Image Upload Root Code Execution — Kerio ControlCWE-306 7.2AIHighAI2025-07-02
CVE-2025-34070 GFI Kerio Control GFIAgent Missing Authentication on Administrative Interfaces — Kerio ControlCWE-306 9.8AICriticalAI2025-07-02
CVE-2025-34069 GFI Kerio Control GFIAgent Authentication Bypass via Proxy Forwarding — Kerio ControlCWE-306 9.8AICriticalAI2025-07-02

This page lists every published CVE security advisory associated with GFI Software. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.