CVE-2026-23500 · CRITICAL 9.1 · EPSS percentile 55.6%

Description

Dolibarr is an enterprise resource planning (ERP) and customer relationship management (CRM) software package. In versions prior to 23.0.0, the ODT to PDF conversion process in odf.php concatenates the MAIN_ODT_AS_PDF configuration constant directly into a shell command passed to PHP's exec() without sanitization. An authenticated administrator can inject arbitrary OS commands via this constant using shell command separators, achieving remote code execution as the web server user whenever any ODT template is generated. This issue has been fixed in version 23.0.0.
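The following PHP sketch is an added illustration of the bug class described above and is not Dolibarr's odf.php nor the project's fix; only the constant name MAIN_ODT_AS_PDF, the use of exec() and the ODT-to-PDF step come from the advisory. The command shape, function names, converter paths and the sample malicious setting are assumptions. It shows the configuration value becoming shell syntax, and one standard remediation (an exact-match allowlist plus escapeshellarg() on the file arguments) beside it:

```php
<?php
// Added illustration of the bug class behind CVE-2026-23500 (requires PHP 8+).
// NOT Dolibarr's own code: the command shape, function names, converter
// paths and the malicious sample value below are assumptions.

// ---- Vulnerable pattern (assumed shape of the pre-23.0.0 code) -----------
// The admin-controlled setting becomes the head of a shell command line.
// exec() hands the string to /bin/sh -c, so separators such as ';', '&&',
// '|' or '$( )' inside the setting are parsed by the shell, not by the
// converter binary.
function build_vulnerable_command(string $mainOdtAsPdf, string $odtPath): string
{
    return $mainOdtAsPdf . ' ' . escapeshellarg($odtPath);
}

// The exec() sink. Not invoked by the demo below because it would run
// whatever the setting contains.
function run_vulnerable(string $mainOdtAsPdf, string $odtPath): int
{
    $out = [];
    $rc = 1;
    exec(build_vulnerable_command($mainOdtAsPdf, $odtPath), $out, $rc);
    return $rc;
}

// ---- Hardened pattern -----------------------------------------------------
// The setting only selects an entry from a fixed allowlist; it never
// contributes shell syntax. Every variable argument is shell-quoted.
// Converter paths are hypothetical.
const ODT_CONVERTERS = [
    'soffice' => ['/usr/bin/soffice', '--headless', '--convert-to', 'pdf', '--outdir', '{outdir}', '{in}'],
    'unoconv' => ['/usr/bin/unoconv', '-f', 'pdf', '-o', '{outdir}', '{in}'],
];

function build_safe_command(string $mainOdtAsPdf, string $odtPath, string $outDir): ?string
{
    // Exact-match lookup: a tampered value such as "soffice; id" is unknown
    // and is refused rather than "sanitized".
    if (!array_key_exists($mainOdtAsPdf, ODT_CONVERTERS)) {
        return null;
    }
    // NUL bytes terminate C strings in the spawned process; a path that is
    // not an .odt file should never reach the converter at all.
    if (str_contains($odtPath, "\0") || !str_ends_with($odtPath, '.odt')) {
        return null;
    }
    $argv = [];
    foreach (ODT_CONVERTERS[$mainOdtAsPdf] as $token) {
        $argv[] = match ($token) {
            '{in}'     => escapeshellarg($odtPath),
            '{outdir}' => escapeshellarg($outDir),
            default    => $token,
        };
    }
    return implode(' ', $argv);
}

// ---- Demo with a constructed malicious setting -----------------------------
$malicious = 'soffice; id > /tmp/pwned';     // constructed value, not from any real deployment
$odt       = '/var/www/documents/invoice.odt'; // constructed path

echo "vulnerable command line: ", build_vulnerable_command($malicious, $odt), "\n";
echo "hardened, malicious setting: ", var_export(build_safe_command($malicious, $odt, '/tmp/out'), true), "\n";
echo "hardened, valid setting:     ", build_safe_command('soffice', $odt, '/tmp/out'), "\n";
```

With the constructed value, build_vulnerable_command() yields a line in which `id > /tmp/pwned` follows a `;` and is executed by the shell as a second command, while build_safe_command() returns null for it and only produces a command line for an allowlisted key. The advisory does not describe how 23.0.0 fixes the issue, so the allowlist above is a generic remediation for CWE-78, not the project's patch. On installations that cannot yet upgrade, a practical check is to inspect the stored value of MAIN_ODT_AS_PDF for shell metacharacters (`;`, `&`, `|`, backticks, `$(`) and to remember that the CVSS vector's PR:H means every administrator account is a potential path to code execution as the web server user.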

Scoring

CVSS 3.1: 9.1 (CRITICAL)
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
EPSS: 0.92% probability of exploitation · percentile 55.6% · scored 2026-06-19T12:03:05Z
Published: 2026-04-17
Last modified: 2026-05-01

Underlying weaknesses · 1

CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

References

  1. https://github.com/Dolibarr/dolibarr/releases/tag/23.0.0
  2. https://github.com/Dolibarr/dolibarr/security/advisories/GHSA-w5j3-8fcr-h87w

Type     | Target                                                                                          | Confidence | Tier
Weakness | CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') | 0%         | live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  1. CVE-2026-31019
  2. CVE-2026-11619
  3. CVE-2026-31018
  4. CVE-2025-56588
  5. CVE-2026-10154
  6. CVE-2025-69634
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.