Tag

Cve-2026-39337

1 brief RSS

ChurchCRM Pre-Authentication Remote Code Execution Vulnerability (CVE-2026-39337)

A critical pre-authentication remote code execution vulnerability in ChurchCRM versions prior to 7.1.0 allows unauthenticated attackers to inject arbitrary PHP code during the initial installation process, leading to complete server compromise.

rce cve-2026-39337 churchcrm

2r 2t 2c 3w ago