EIP-2026-107614

PRE-CVE

Horde Groupware Webmail 3/4/5 - Multiple Remote Code Executions

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-107614. PoCs published by SecuriTeam.

AI-analyzed exploit summary This is a detailed technical analysis of two remote code execution vulnerabilities in Horde Groupware Webmail, focusing on the authentication and unauthenticated RCE via the GPG feature. The writeup includes code paths, vulnerable functions, and patch details.

Description

Horde Groupware Webmail 3/4/5 - Multiple Remote Code Executions

Exploits (1)

exploitdb WRITEUP

by SecuriTeam · textwebappsphp

https://www.exploit-db.com/exploits/41864

View Code ZIP pw:eip

This is a detailed technical analysis of two remote code execution vulnerabilities in Horde Groupware Webmail, focusing on the authentication and unauthenticated RCE via the GPG feature. The writeup includes code paths, vulnerable functions, and patch details.

Classification

Writeup 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Horde Groupware Webmail Edition (versions 5, 4, and 3)

Auth required

Prerequisites: GnuPG feature enabled on the target server · Path to GPG binary defined in configuration · User preferences allowing PGP usage

MITRE ATT&CK

T1189 - Drive-by Compromise T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026