PT-2025-32235 · Suitecrm · Suitecrm

Parnuski · Published 2025-08-06 · Updated 2025-08-14 · CVE-2025-54788

CVSS v2.0: 9.0 (High)

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: SuiteCRM versions prior to 7.14.7

Description: SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. The InboundEmail module allows the arbitrary execution of queries in the backend database, leading to SQL injection. This can have wide-reaching implications on confidentiality, integrity, and availability, as database data can be retrieved, modified, or removed entirely.

Recommendations: Update SuiteCRM to version 7.14.7.

Exploit

Fix

SQL injection

Weakness Enumeration

Related Identifiers

BDU:2025-09474
CVE-2025-54788
GHSA-V3M9-8WG7-C72X

Affected Products

Suitecrm