Warning: Critical Vulnerability identified in Apache Commons Text, Patch Immediately!

Published: 17/12/2025
  • Last update: 17/12/2025
  • Affected software:
    → Apache Commons Text prior to version 1.10.0
    → Claris FileMaker Server prior to version 22.0.4
  • Type: Code injection
  • CVE/CVSS
    → CVE-2025-46295: CVSS 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

Sources

Claris - https://support.claris.com/s/answerview?anum=000049059&language=en_US

Risks

A critical vulnerability with a CVSS score of 9.8 has been identified and patched in Apache Commons Text, a set of helper tools for Java developers to manipulate and safely handle text; versions prior to 1.10.0 are affected.

Apache Commons Text was already affected by another critical vulnerability in 2022, CVE-2022-42889 (“Text4Shell”).

Successful exploitation could lead to full remote compromise of FileMaker Server instances, allowing attackers to execute arbitrary commands, access sensitive data, or pivot within the network. This threatens confidentiality, integrity, and availability of critical business data managed by FileMaker Server.

Description

Apache Commons Text is a low-level library for performing various text operations, such as escaping, calculating string differences, and substituting placeholders in the text with values looked up through interpolators. 

CVE-2025-46295 is a critical vulnerability found in Claris FileMaker Server that stems from its use of versions of the Apache Commons Text library prior to 1.10.0.

The vulnerability lies in the library's text interpolation (string substitution) feature: when untrusted input reaches it, an attacker can supply placeholders that invoke interpolators capable of executing arbitrary system commands or accessing external resources.

Because some interpolators could trigger actions like executing commands or accessing external resources, an attacker could potentially achieve remote code execution (RCE) without requiring authentication or user interaction. 
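The following is an added example, not code from Claris, Apache or the CCB; it contrasts the risky pattern (interpolating untrusted text with whatever lookups the installed Commons Text version enables by default) with an explicit allowlist of lookups that behaves the same on every version. The class name, the `app` prefix and the sample template are assumptions made for the illustration.

```java
import java.util.Map;

import org.apache.commons.text.StringSubstitutor;
import org.apache.commons.text.lookup.StringLookup;
import org.apache.commons.text.lookup.StringLookupFactory;

// Hypothetical helper class written for this advisory; not part of any product.
public final class RestrictedInterpolation {

    // RISKY: every lookup the installed library version enables by default is
    // reachable from the template. Before 1.10.0 that set included the
    // script:, dns: and url: interpolators named in the advisory.
    static String expandWithDefaults(String untrustedTemplate) {
        return StringSubstitutor.createInterpolator().replace(untrustedTemplate);
    }

    // HARDENED: a single prefix ("app", an assumed name) backed by values the
    // application owns. Any other prefix (script:, dns:, url:, sys:, env:,
    // file:, ...) is absent from the map, no fallback lookup is configured and
    // the version-dependent defaults are not added, so such a placeholder is
    // left unexpanded instead of being evaluated.
    static String expandRestricted(String untrustedTemplate, Map<String, String> appValues) {
        Map<String, StringLookup> allowed = Map.of(
            "app", StringLookupFactory.INSTANCE.mapStringLookup(appValues));
        StringLookup lookup = StringLookupFactory.INSTANCE.interpolatorStringLookup(
            allowed,   // explicit allowlist of prefixes
            null,      // no fallback for unprefixed ${var} references
            false);    // do not add the library's default lookups
        StringSubstitutor sub = new StringSubstitutor(lookup);
        sub.setDisableSubstitutionInValues(true); // looked-up values are never re-expanded
        return sub.replace(untrustedTemplate);
    }

    public static void main(String[] args) {
        // Constructed sample: one placeholder the application intends to fill
        // and one that reaches a host-level lookup it never meant to expose.
        String template = "Hello ${app:user}, running on ${sys:os.name}";
        Map<String, String> appValues = Map.of("user", "alice");

        // "app" is not a library default, so ${app:user} stays literal, while
        // ${sys:os.name} is resolved: the template, not the application,
        // decides which lookups run.
        System.out.println(expandWithDefaults(template));

        // Only ${app:user} is resolved; "${sys:os.name}" is left as-is.
        System.out.println(expandRestricted(template, appValues));
    }
}
```

Commons Text 1.10.0 and later keep the script, dns and url lookups out of the defaults unless the system property `org.apache.commons.text.lookup.StringLookupFactory.defaultStringLookups` opts back in, so confirming that property is unset is a worthwhile check during a hardening review.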

Although no public exploits have been reported yet, the nature of the vulnerability and the widespread use of FileMaker Server in enterprise environments make it a significant threat.

Recommended Actions

Patch
This vulnerability has been fully addressed in FileMaker Server 22.0.4.

The Centre for Cybersecurity Belgium strongly recommends installing updates for vulnerable devices with the highest priority after thorough testing.

Monitor/Detect
The CCB recommends organizations upscale monitoring and detection capabilities to identify any related suspicious activity and ensure a swift response in case of an intrusion.

In case of an intrusion, you can report an incident via https://ccb.belgium.be/en/cert/report-incident.

While patching appliances or software to the newest version may protect against future exploitation, it does not remediate historic compromise.

References

National Vulnerability Database - https://nvd.nist.gov/vuln/detail/CVE-2025-46295
GitHub - https://github.com/advisories/GHSA-9gm8-6rq9-qj6f