The FME manufacturer Safe Software Inc. announced on March 4, 2026, that FME Flow has a potentially exploitable security vulnerability. You can find the relevant information and patches exclusively in the manufacturer's support center at this link:
|
Note: Please note that this website is access-protected and you need a (free) account. |
We ask for your understanding that VertiGIS cannot provide the patch nor make more specific statements regarding the criticality of the security vulnerability. The manufacturer assigns a score of 9.3 for the CVE.
Depending on the version, the following options are available to fix the security vulnerability:
- New installers with version numbers 2023.2.6.1, 2024.0.5.1, 2024.1.4.1, 2024.2.5.1, 2025.0.3.1, 2025.1.3.4, 2025.2.4
- Manually installable patches for versions greater than or equal to 2023.2
Please note that FME Flow is affected on all platforms: Windows, Linux, and Docker/Kubernetes.
The current version FME Flow 2025.2.4 is also available in our con terra Portal in the download area.
FME Flow hosted systems have already been automatically patched by the manufacturer. FME Form is not affected by the security vulnerability.
Comments
0 comments
Please sign in to leave a comment.