Lucene search
K

5 matches found

NVD
NVD
added 2026/05/26 6:16 p.m.16 views

CVE-2026-46624

Twenty is an open source CRM. From 1.7.7 through 1.16.7, a critical Remote Code Execution RCE vulnerability exists in Twenty CRM via a chained SQL Injection and PostgreSQL COPY TO PROGRAM attack. If Postgres user is a super user then any authenticated user can execute arbitrary OS commands on the...

9.9CVSS0.00483EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/05/26 5:1 p.m.11 views

CVE-2026-46624 Twenty: SQL Injection via the timeZone field

Twenty is an open source CRM. From 1.7.7 through 1.16.7, a critical Remote Code Execution RCE vulnerability exists in Twenty CRM via a chained SQL Injection and PostgreSQL COPY TO PROGRAM attack. If Postgres user is a super user then any authenticated user can execute arbitrary OS commands on the...

9.9CVSS6.2AI score0.00483EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/05/26 5:1 p.m.7 views

CVE-2026-46624

Twenty is an open source CRM. From 1.7.7 through 1.16.7, a critical Remote Code Execution RCE vulnerability exists in Twenty CRM via a chained SQL Injection and PostgreSQL COPY TO PROGRAM attack. If Postgres user is a super user then any authenticated user can execute arbitrary OS commands on the...

9.9CVSS6.2AI score0.00483EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2026/05/26 5:1 p.m.46 views

CVE-2026-46624 Twenty: SQL Injection via the timeZone field

Twenty is an open source CRM. From 1.7.7 through 1.16.7, a critical Remote Code Execution RCE vulnerability exists in Twenty CRM via a chained SQL Injection and PostgreSQL COPY TO PROGRAM attack. If Postgres user is a super user then any authenticated user can execute arbitrary OS commands on the...

9.9CVSS0.00483EPSS
Exploits1References1
CVE
CVE
added 2026/05/26 5:1 p.m.45 views

CVE-2026-46624

CVE-2026-46624 affects Twenty CRM (open source). From 1.7.7 to 1.16.7, a critical Remote Code Execution (RCE) exists via a chained SQL Injection and a PostgreSQL COPY TO PROGRAM attack. If the PostgreSQL user is a super user, any authenticated user can execute arbitrary OS commands on the databas...

9.9CVSS6.2AI score0.00483EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder