CVE-2026-27947

216.73.216.233

· Published 27/02/2026 20:21 · Modified 27/02/2026 20:21

Labels: CVE-2026-27947 2026-02-27 CVE-2026-27947 CWE-88 [email protected]

Essential information

Published: 27/02/2026 20:21
Modified: 27/02/2026 20:21
Author: —
Creator: —
CVSS: 9.4 CRITICAL (v3) 9.4 CRITICAL (v4.0)
CISA KEV: No
CWE: —
CVSS vector: —

CVSS metrics

Description

Group-Office is an enterprise customer relationship management and groupware tool. Versions prior to 26.0.9, 25.0.87, and 6.8.154 have an authenticated Remote Code Execution vulnerability in the TNEF attachment processing flow. The vulnerable path extracts attacker-controlled files from `winmail.dat` and then invokes `zip` with a shell wildcard (`*`). Because extracted filenames are attacker-controlled, they can be interpreted as `zip` options and lead to arbitrary command execution. Versions 26.0.9, 25.0.87, and 6.8.154 fix the issue.

NVD status

Status: Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source: [email protected]
NVD: View on NVD

Affected products (CPE)

Product	CPE
group-office / group-office	`cpe:2.3:a:group-office:group-office:<26.0.9:::::::*`
group-office / group-office	`cpe:2.3:a:group-office:group-office:<25.0.87:::::::*`
group-office / group-office	`cpe:2.3:a:group-office:group-office:<6.8.154:::::::*`