CVE-2026-31019

HIGH

Dolibarr ERP & CRM <=22.0.4 - Authenticated RCE

Title source: llm

Description

In the Website module of Dolibarr ERP & CRM 22.0.4 and below, the application uses blacklist-based filtering to restrict dangerous PHP functions related to system command execution. An authenticated user with permission to edit PHP content can bypass this filtering, resulting in full remote code execution with the ability to execute arbitrary operating system commands on the server.

References (2)

Core 2

Core References

http://dolibarr.com

https://github.com/PhDg1410/CVE/blob/main/CVE-2026-31019/README.md

View Writeup ZIP pw:eip

Scores

CVSS v3 8.8

EPSS 0.0063

EPSS Percentile 45.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-78

Status published

Products (2)

dolibarr/dolibarr 0Packagist

dolibarr/dolibarr_erp\/crm < 22.0.4

Published Apr 21, 2026

Tracked Since Apr 21, 2026