Vulnerability Database

309,614

Total vulnerabilities in the database

CVE-2025-53900

Kiteworks MFT orchestrates end-to-end file transfer workflows. Prior to version 9.1.0, an unfavourable definition of roles and permissions in Kiteworks MFT on managing Connections could lead to unexpected escalation of privileges for authorized users. This issue has been patched in version 9.1.0.

Published: Nov 29, 2025
Updated: Nov 30, 2025
CVE: CVE-2025-53900
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.5
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

CWEs:

CWE-267

Affected Software
References

No affected software listed.

https://github.com/kiteworks/security-advisories/security/advisories/GHSA-gjq3-8v6p-2h6h

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo