4 matches found
CVE-2026-23946
Tendenci is an open source content management system built for non-profits, associations and cause-based sites. Versions 15.3.11 and below include a critical deserialization vulnerability in the Helpdesk module which is not enabled by default. This vulnerability allows Remote Code Execution RCE b...
CVE-2026-23946
Tendenci is an open source content management system built for non-profits, associations and cause-based sites. Versions 15.3.11 and below include a critical deserialization vulnerability in the Helpdesk module which is not enabled by default. This vulnerability allows Remote Code Execution RCE b...
CVE-2026-23946 Tendenci has Authenticated Remote Code Execution via Pickle Deserialization
Tendenci is an open source content management system built for non-profits, associations and cause-based sites. Versions 15.3.11 and below include a critical deserialization vulnerability in the Helpdesk module which is not enabled by default. This vulnerability allows Remote Code Execution RCE b...
PT-2026-3886
Name of the Vulnerable Software and Affected Versions Tendenci versions 15.3.11 and earlier Description Tendenci, an open source content management system, has a critical deserialization issue in the Helpdesk module. An authenticated user with staff security level can achieve Remote Code Executio...