CVE-2026-3264

Name of the Vulnerable Software and Affected Versions go2ismail Free-CRM versions prior to b83c40a90726d5e58f0cc680ffdcaa28a03fb5d1

Description A flaw exists in go2ismail Free-CRM’s Administrative Interface component that allows for code execution after redirection via remote manipulation. The vendor was notified of this issue but did not respond. The product uses a rolling release model, making specific version information for affected or updated releases unavailable. The exploit has been publicly disclosed.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.