CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

303 matches found

Cvelist•added 2026/02/27 7:52 p.m.•15 views

CVE-2026-27947 Group-Office Vulnerable to Remote Code Execution (RCE)

Group-Office is an enterprise customer relationship management and groupware tool. Versions prior to 26.0.9, 25.0.87, and 6.8.154 have an authenticated Remote Code Execution vulnerability in the TNEF attachment processing flow. The vulnerable path extracts attacker-controlled files from winmail.d...

9.4CVSS0.0013EPSS

Exploits0References1

CVE•added 2026/02/27 7:52 p.m.•6 views

CVE-2026-27947

CVE-2026-27947 affects Group-Office and enables authenticated Remote Code Execution through the TNEF attachment processing flow. In affected versions (prior to 26.0.9, 25.0.87, and 6.8.154), processing winmail.dat extracts attacker-controlled files and then calls zip with a shell wildcard. Due to...

9.4CVSS6.2AI score0.0013EPSS

Exploits0References1Affected Software1

EUVD•added 2026/02/27 7:52 p.m.•3 views

EUVD-2026-9060

9.4CVSS6.2AI score0.0013EPSS

Exploits0References1

Vulnrichment•added 2026/02/27 7:52 p.m.•1 views

CVE-2026-27947 Group-Office Vulnerable to Remote Code Execution (RCE)

9.4CVSS6.2AI score0.0013EPSS

Exploits0References1

OSV•added 2026/02/27 7:52 p.m.•1 views

CVE-2026-27947 Group-Office Vulnerable to Remote Code Execution (RCE)

9.4CVSS6.2AI score0.0013EPSS

Exploits0References3

RedhatCVE•added 2026/02/06 1:25 a.m.•2 views

CVE-2026-25512

Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.150, 25.0.82, and 26.0.5, there is a remote code execution RCE vulnerability in Group-Office. The endpoint email/message/tnefAttachmentFromTempFile directly concatenates the user-controlled...

9.4CVSS6.7AI score0.23825EPSS

Exploits2References1

GithubExploit•added 2026/02/04 10:59 p.m.•177 views

Exploit for CVE-2026-25512

CVE-2026-25512 PoC – Group-Office Authenticated RCE via TNEF H...

9.4CVSS5.3AI score0.23825EPSS

Exploits2

ATTACKERKB•added 2026/02/04 8:39 p.m.•3 views

CVE-2026-25512

9.4CVSS6.7AI score0.23825EPSS

Exploits2References3Affected Software1

Vulnrichment•added 2026/02/04 8:39 p.m.•1 views

CVE-2026-25512 Group-Office is vulnerable to RCE due to Command Injection via TNEF Attachment Handler

9.4CVSS6.7AI score0.23825EPSS

Exploits2References2

CVE•added 2026/02/04 8:39 p.m.•17 views

CVE-2026-25512

CVE-2026-25512 affects Group-Office prior to versions 6.8.150, 25.0.82, and 26.0.5. The vulnerability is an authenticated remote code execution via the /email/message/tnefAttachmentFromTempFile endpoint, where the user-controlled parameter tmp_file is directly concatenated into an exec() call. In...

9.4CVSS6.7AI score0.23825EPSS

Exploits2References2Affected Software1

Cvelist•added 2026/02/04 8:39 p.m.•21 views

CVE-2026-25512 Group-Office is vulnerable to RCE due to Command Injection via TNEF Attachment Handler

9.4CVSS0.23825EPSS

Exploits2References2

CNNVD•added 2026/02/04 12:0 a.m.•4 views

Group Office 操作系统命令注入漏洞

Group Office is a modular office suite developed by the Dutch company Group Office. Versions of Group Office prior to 6.8.150, 25.0.82, and 26.0.5 contained an operating system command injection vulnerability. This vulnerability stemmed from improper parameter concatenation in the...

9.4CVSS5.8AI score0.23825EPSS

Exploits2References2

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2000-0610

Malware in sbrugna...

10CVSS6.4AI score0.0096EPSS

Exploits1References3

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2017-18084

Malware in sbrugna...

8.8CVSS8.6AI score0.00608EPSS

Exploits1References6