soliton CVE Vulnerabilities & Metrics

Focus on soliton vulnerabilities and metrics.

Last updated: 08 Mar 2026, 23:25 UTC

About soliton Security Exposure

This page consolidates all known Common Vulnerabilities and Exposures (CVEs) associated with soliton. We track both calendar-based metrics (using fixed periods) and rolling metrics (using gliding windows) to give you a comprehensive view of security trends and risk evolution. Use these insights to assess risk and plan your patching strategy.

For a broader perspective on cybersecurity threats, explore the comprehensive list of CVEs by vendor and product. Stay updated on critical vulnerabilities affecting major software and hardware providers.

Global CVE Overview

Total soliton CVEs: 6
Earliest CVE date: 15 Nov 2018, 15:29 UTC
Latest CVE date: 13 Feb 2026, 04:15 UTC

Latest CVE reference: CVE-2026-25108

Rolling Stats

30-day Count (Rolling): 1
365-day Count (Rolling): 1

Calendar-based Variation

Calendar-based Variation compares a fixed calendar period (e.g., this month versus the same month last year), while Rolling Growth Rate uses a continuous window (e.g., last 30 days versus the previous 30 days) to capture trends independent of calendar boundaries.

Variations & Growth

Month Variation (Calendar): 0%
Year Variation (Calendar): 0%

Month Growth Rate (30-day Rolling): 0.0%
Year Growth Rate (365-day Rolling): 0.0%

Monthly CVE Trends (current vs previous Year)

Annual CVE Trends (Last 20 Years)

Critical soliton CVEs (CVSS ≥ 9) Over 20 Years

CVSS Stats

Average CVSS: 5.67

Max CVSS: 10.0

Critical CVEs (≥9): 3

CVSS Range vs. Count

Range	Count
0.0-3.9	2
4.0-6.9	1
7.0-8.9	0
9.0-10.0	3

CVSS Distribution Chart

Top 5 Highest CVSS soliton CVEs

These are the five CVEs with the highest CVSS scores for soliton, sorted by severity first and recency.

CVE-2020-5639 soliton Published on 14 Dec 2020, 03:15 UTC (CVSS: 10.0)
Directory traversal vulnerability in FileZen versions from V3.0.0 to V4.2.2 allows remote attackers to upload an arbitrary file in a specific directory via unspecified vectors. As a result, an arbitrary OS command may be executed.
CVE-2018-0694 soliton Published on 15 Nov 2018, 15:29 UTC (CVSS: 10.0)
FileZen V3.0.0 to V4.2.1 allows remote attackers to execute arbitrary OS commands via unspecified vectors.
CVE-2021-20655 soliton Published on 17 Feb 2021, 03:15 UTC (CVSS: 9.0)
FileZen (V3.0.0 to V4.2.7 and V5.0.0 to V5.0.2) allows a remote attacker with administrator rights to execute arbitrary OS commands via unspecified vectors.
CVE-2018-0693 soliton Published on 15 Nov 2018, 15:29 UTC (CVSS: 5.0)
Directory traversal vulnerability in FileZen V3.0.0 to V4.2.1 allows remote attackers to upload an arbitrary file in the specific directory in FileZen via unspecified vectors.
CVE-2026-25108 soliton Published on 13 Feb 2026, 04:15 UTC (CVSS: 0)
FileZen contains an OS command injection vulnerability. When FileZen Antivirus Check Option is enabled, a logged-in user may send a specially crafted HTTP request to execute an arbitrary OS command.

All CVEs for soliton

CVE-2026-25108 soliton vulnerability CVSS: 0 13 Feb 2026, 04:15 UTC

FileZen contains an OS command injection vulnerability. When FileZen Antivirus Check Option is enabled, a logged-in user may send a specially crafted HTTP request to execute an arbitrary OS command.

CVE-2023-39341 soliton vulnerability CVSS: 0 09 Aug 2023, 03:15 UTC

"FFRI yarai", "FFRI yarai Home and Business Edition" and their OEM products handle exceptional conditions improperly, which may lead to denial-of-service (DoS) condition. Affected products and versions are as follows: FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0, FFRI yarai Home and Business Edition version 1.4.0, InfoTrace Mark II Malware Protection (Mark II Zerona) versions 3.0.1 to 3.2.2, Zerona / Zerona PLUS versions 3.2.32 to 3.2.36, ActSecure χ versions 3.4.0 to 3.4.6 and 3.5.0, Dual Safe Powered by FFRI yarai version 1.4.1, EDR Plus Pack (Bundled FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0), and EDR Plus Pack Cloud (Bundled FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0).

CVE-2021-20655 soliton vulnerability CVSS: 9.0 17 Feb 2021, 03:15 UTC

FileZen (V3.0.0 to V4.2.7 and V5.0.0 to V5.0.2) allows a remote attacker with administrator rights to execute arbitrary OS commands via unspecified vectors.

CVE-2020-5639 soliton vulnerability CVSS: 10.0 14 Dec 2020, 03:15 UTC

Directory traversal vulnerability in FileZen versions from V3.0.0 to V4.2.2 allows remote attackers to upload an arbitrary file in a specific directory via unspecified vectors. As a result, an arbitrary OS command may be executed.

CVE-2018-0694 soliton vulnerability CVSS: 10.0 15 Nov 2018, 15:29 UTC

FileZen V3.0.0 to V4.2.1 allows remote attackers to execute arbitrary OS commands via unspecified vectors.

CVE-2018-0693 soliton vulnerability CVSS: 5.0 15 Nov 2018, 15:29 UTC

Directory traversal vulnerability in FileZen V3.0.0 to V4.2.1 allows remote attackers to upload an arbitrary file in the specific directory in FileZen via unspecified vectors.