Dolibarr 23.0.0: PHP eval() whitelist bypass → RCE via two bugs (CVE-2026-22666)

1 comments

• $jiva 5 hours ago

  Root cause analysis and full PoC. Coordinated disclosure — patch is available as of 4/4/2026