Package impact
COMPOSER / dolibarr/dolibarr
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2026-23500 | critical | 9.1 | 9.1 | 1mo ago | Dolibarr: OS Command Injection (RCE) via MAIN_ODT_AS_PDF configuration | |
| CVE-2026-31019 | high | — | 8.0 | 1mo ago | Dolibarr user with permission to edit PHP content can bypass filtering to restrict dangerous PHP functions | |
| CVE-2026-7688 | medium | 5.0 | 5.0 | 25d ago | Dolibarr has an Injection issue |