A critical vulnerability in FileZen, a popular file transfer solution from Japan’s Soliton Systems K.K., lets authenticated attackers run arbitrary operating system commands on vulnerable servers. Tracked as CVE-2026-25108, this OS command injection flaw strikes high with CVSS scores of 8.8 (v3.0) and 8.7 (v4.0). It poses a major threat to businesses handling sensitive file […] The post Critical FileZen File Transfer Flaw Allows Arbitrary Command Execution appeared first on Cyber Security News.