Package impact
COMPOSER / dolibarr/dolibarr
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-23500 | critical | 9.1 | 9.1 | 1mo ago | Dolibarr: OS Command Injection (RCE) via MAIN_ODT_AS_PDF configuration | |||
| CVE-2026-31019 | high | — | 8.0 | 1mo ago | Dolibarr user with permission to edit PHP content can bypass filtering to restrict dangerous PHP functions | |||
| CVE-2026-7689 | low | 3.7 | 3.7 | 25d ago | Dolibarr has Insufficient Verification of Data Authenticity |