PT-2026-26440 · Suitecrm · Suitecrm
Quirmz
·
Published
2026-03-19
·
Updated
2026-03-20
·
CVE-2026-29102
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
SuiteCRM versions prior to 7.15.1
SuiteCRM versions prior to 8.9.3
Description
SuiteCRM is an open-source Customer Relationship Management (CRM) software application. Before versions 7.15.1 and 8.9.3, an Authenticated Remote Code Execution (RCE) issue exists in SuiteCRM modules. This allows for the potential execution of arbitrary code on a remote system.
Recommendations
Update to SuiteCRM version 7.15.1 or later.
Update to SuiteCRM version 8.9.3 or later.
Exploit
Fix
Code Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Suitecrm