CVE-2026-51947

CRITICAL

Pivotal CRM 6.6.4.08 - Remote Code Execution via Pivotal.Engine.Client.Services.Conversion.dll


Exploitation Summary

EIP tracks 1 public exploit for CVE-2026-51947. PoCs published by timtimxs.

AI-analyzed exploit summary: This repository contains a detailed technical analysis of CVE-2026-51947, a regression vulnerability in Pivotal CRM where an incomplete patch for CVE-2026-39253 left deserialization vulnerabilities intact due to misconfigured JSON.NET settings. The advisory includes code snippets, payload examples, and patch details.

Description

An issue in Pivotal CRM 6.6.4.08 and systems using patch-ghi-15381-cwe-502-20251225.zip (fixed in Pivotal CRM 6.6.5.10 and Patch_CWE502_20260316.zip) allows a remote attacker to execute arbitrary code via the Pivotal.Engine.Client.Services.Conversion.dll component. NOTE: this issue exists because of an incomplete fix for CVE-2026-39253.

Exploits (1)

GitHub writeup by timtimxs (htmlpoc)
https://github.com/timtimxs/CVE-2026-51947-Advisory


Classification: Writeup 100%
Attack Type: Deserialization
Complexity: Moderate
Reliability: Reliable
Target: Pivotal CRM 6.6.4.08
Authentication: No auth needed
Prerequisites: Access to vulnerable Pivotal CRM endpoint · Ability to send crafted JSON payloads
Analyzed by mistral-large-3 on Jul 02, 2026

Scores

CVSS v3: 9.8
EPSS: 0.0113
EPSS Percentile: 62.5%
Attack Vector: NETWORK
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation: none
Automatable: yes
Technical Impact: total

Details

CWE: CWE-502
Status: published
Published: Jul 01, 2026
Tracked Since: Jul 02, 2026