What is the CVSS score of EUVD-2026-29878?

EUVD-2026-29878 has a CVSS 3.1 base score of 7.2 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.1%.

Which versions of FileMaker Cloud are affected by EUVD-2026-29878?

CVE-2026-43680 allows authenticated FileMaker Cloud administrators to execute arbitrary operating system commands on hosted infrastructure, creating insider threat and credential compromise risks.. A patch is available.

FileMaker Cloud EUVD-2026-29878

| CVE-2026-43680 HIGH

Code Injection (CWE-94)

2026-05-12 apple

GHSA-9682-24hm-2gh4

RCE Code Injection

7.2

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

May 13, 2026 - 15:57 vuln.today

CVSS changed

May 13, 2026 - 15:52 NVD

7.2 (None) 7.2 (HIGH)

Patch available

May 13, 2026 - 02:01 EUVD

CVE Published

May 12, 2026 - 22:24 nvd

UNKNOWN (no severity yet)

CVE Published

May 12, 2026 - 22:24 nvd

HIGH 7.2

DescriptionNVD

A Remote Code Execution vulnerability in Claris FileMaker Cloud allowed a user with Admin Console privileges to bypass a front-end restriction on OS Script schedule types and execute arbitrary operating system commands on the underlying host. This issue is fixed in FileMaker Cloud 2.22.0.5.

AnalysisAI

Authenticated administrators with Admin Console access to FileMaker Cloud can execute arbitrary operating system commands on the underlying host by bypassing front-end restrictions on OS Script schedule types. This vulnerability affects all FileMaker Cloud versions prior to 2.22.0.5 and requires high-privilege administrative credentials to exploit. …

RemediationAI

Within 24 hours: Verify current FileMaker Cloud deployment version and inventory all accounts with Admin Console access. Within 7 days: Upgrade FileMaker Cloud to version 2.22.0.5 or later; simultaneously review Admin Console access logs for suspicious activity and audit admin credential usage patterns. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

EUVD-2026-29878 vulnerability details – vuln.today

Back

FileMaker Cloud EUVD-2026-29878

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code