CVE-2026-6265

Summary

Insecure preserved inherited permissions vulnerability in Cerberus FTP Server on Windows allows Privilege Escalation.This issue has been resolved in Cerberus FTP Server: 2026.1

Affected Software

VendorProductVersion RangeStatus
CerberusCerberus FTP Server0 <= 2025.4.2affected
CerberusCerberus FTP Server2026.1unaffected

Weaknesses

  • CWE-278: CWE-278 Insecure preserved inherited permissions

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: total

Additional References

References