Product
A critical remote code execution vulnerability (CVE-2026-27823) in EGroupware allows an authenticated attacker, or an unauthenticated attacker if self-registration is enabled, to execute arbitrary commands on the server by combining an authorization bypass, arbitrary file write via path traversal, and arbitrary file read, leading to full system compromise.