Xerox Vulnerabilities
Comprehensive security vulnerability database for Xerox products
3
1
3
0
Severity Distribution
| Description | Vendor / Product | Exploit Status | |||
|---|---|---|---|---|---|
| CVE-2026-2252 | 7.5 | This vulnerability allows an attacker to trick the Xerox FreeFlow Core software into making unauthorized requests to other servers, potentially exposing sensitive information or services. It affects versions up to 8.0.7, so it's important to upgrade to version 8.1.0 to protect against this risk. | xeroxfreeflow core | Exploit Available | about 1 month agoFeb 27, 2026 |
| CVE-2026-2251 | 9.8 | This vulnerability allows an attacker to access unauthorized files on the system, potentially leading to remote code execution, which means they could run malicious software on the affected Xerox FreeFlow Core software. It affects versions up to 8.0.7, so upgrading to version 8.1.0 is crucial to protect against this risk. | xeroxfreeflow core | Exploit Available | about 1 month agoFeb 27, 2026 |
| CVE-2024-55925 | 7.5 | An attacker can gain unauthorized access to sensitive API endpoints in Xerox Workplace Suite by tricking the system into accepting a fake Host header. This vulnerability occurs if the server doesn't properly check the Host header, allowing the attacker to bypass restrictions meant to limit access to specific hosts. | xeroxworkplace suite | Exploit Available | about 1 year agoJan 23, 2025 |
About Xerox Security
This page tracks all publicly disclosed security vulnerabilities (CVEs) affecting Xerox products. Our database is updated in real-time from the National Vulnerability Database (NVD) and enriched with exploit information from GitHub and other security research sources.
Each CVE listing includes CVSS severity scores, exploit availability status, AI-powered vulnerability summaries, and links to official patches and security advisories.