CVE-2026-23500 | Dolibarr up to 22.x Software Package odf.php exec os command injection (GHSA-w5j3-8fcr-h87w)

A vulnerability labeled as critical has been found in Dolibarr up to 22.x. Affected by this vulnerability is the function exec of the file odf.php of the component Software Package Handler. The manipulation results in os command injection.

This vulnerability is identified as CVE-2026-23500. The attack can be executed remotely. There is not any exploit available.

The affected component should be upgraded.VulDB Recent EntriesRead More