{"data":{"id":"a4b2b0ff-8a6d-43b6-aca6-04a063e13b4c","title":"CVE-2026-34724: Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1, a server-side template injection vul","summary":"Zammad, a web-based customer support system, had a server-side template injection vulnerability (a flaw where attackers can inject malicious code into templates that the server processes) in versions before 7.0.1 that could lead to RCE (remote code execution, where an attacker can run commands on a system they don't own). The vulnerability only affects systems where an attacker has administrative access to control the type_enrichment_data configuration setting.","solution":"This vulnerability is fixed in version 7.0.1. Users should upgrade to Zammad 7.0.1 or later.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2026-34724","publishedAt":"2026-04-08T19:25:22.723Z","cveId":"CVE-2026-34724","cweIds":["CWE-94","CWE-1336"],"cvssScore":null,"cvssSeverity":null,"severity":"high","attackType":[],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["Zammad"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0,"patchAvailable":null,"disclosureDate":"2026-04-08T19:25:22.723Z","capecIds":["CAPEC-242"],"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity","availability"],"aiComponentTargeted":"agent","llmSpecific":false,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}