Vendor
high
advisory
EGroupware Authenticated RCE via Malicious eTemplate Upload (CVE-2026-40187)
1 rule 2 TTPs 3 IOCsAn authenticated EGroupware administrator can achieve OS-level Remote Code Execution (RCE) by uploading a malicious eTemplate XML file (`.xet`) containing unescaped backtick characters that lead to shell command execution within a PHP `eval()` call during template processing (CVE-2026-40187), impacting non-Docker or non-hardened EGroupware deployments.
EGroupware +1
rce
web-vulnerability
php
linux
1r
2t
3i
critical
advisory
EGroupware Critical RCE Vulnerability (CVE-2026-27823)
2 rules 4 TTPsA critical remote code execution vulnerability (CVE-2026-27823) in EGroupware allows an authenticated attacker, or an unauthenticated attacker if self-registration is enabled, to execute arbitrary commands on the server by combining an authorization bypass, arbitrary file write via path traversal, and arbitrary file read, leading to full system compromise.
composer/egroupware/egroupware +1
RCE
web-vulnerability
egroupware
php
critical
exploit
2r
4t