CVE lookup
CVE-2026-23698
Pruva has a verified reproduction for CVE-2026-23698: Vtiger CRM through 8.4.0 allows authenticated admin users to achieve remote code execution by uploading a crafted module ZIP that places PHP files in the web-accessible modules/ directory.. The canonical evidence record is REPRO-2026-00273.
REPRO
REPRO-2026-00273
Package
Vtiger CRM · other
Severity
HIGH
Status
published