Known Vulnerabilities for Dolibarr Erp/crm by Dolibarr
Listed below are 10 of the newest known vulnerabilities associated with "Dolibarr Erp/crm" by "Dolibarr".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-58376 json | Dolibarr through 23.0.3, fixed in commit 14db36e, contains a sql injection vulnerability that allows authenticated API users ... | Not Provided | 2026-06-30 | 2026-06-30 |
| CVE-2026-37713 json | An issue in Dolibarr ERP/CRM v.22.0.0 through v.22.0.4 and v.24.0.0-alpha allows a remote attacker to execute arbitrary code ... | Not Provided | 2026-05-27 | 2026-05-28 |
| CVE-2026-37712 json | An issue in Dolibarr ERP/CRM v.22.0.0 through v.22.0.4 and v.24.0.0-alpha allows a remote attacker to execute arbitrary code ... | Not Provided | 2026-05-27 | 2026-05-28 |
| CVE-2026-37711 json | An issue in Dolibarr ERP/CRM v.22.0.0 through v.22.0.4 and v.24.0.0-alpha allows a remote attacker to execute arbitrary code ... | Not Provided | 2026-05-27 | 2026-05-27 |
| CVE-2026-34036 json | Not Provided | 2026-03-31 | 2026-04-03 | |
| CVE-2026-31019 json | In the Website module of Dolibarr ERP & CRM 22.0.4 and below, the application uses blacklist-based filtering to restrict dang... | Not Provided | 2026-04-21 | 2026-07-05 |
| CVE-2026-31018 json | In Dolibarr ERP & CRM <= 22.0.4, PHP code detection and editing permission enforcement in the Website module is not applied c... | Not Provided | 2026-04-21 | 2026-07-05 |
| CVE-2026-23500 json | Dolibarr is an enterprise resource planning (ERP) and customer relationship management (CRM) software package. In versions pr... | Not Provided | 2026-04-17 | 2026-04-18 |
| CVE-2026-22666 json | Not Provided | 2026-04-07 | 2026-04-24 | |
| CVE-2026-11619 json | A vulnerability was identified in Dolibarr ERP CRM up to 23.0.2. The impacted element is an unknown function of the file htdo... | Not Provided | 2026-06-09 | 2026-06-09 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Dolibarr | Dolibarr Erp/crm | 9.0.3 | |||
| Application | Dolibarr | Dolibarr Erp/crm | 9.0.2 | |||
| Application | Dolibarr | Dolibarr Erp/crm | 9.0.1 | |||
| Application | Dolibarr | Dolibarr Erp/crm | 9.0.0 | |||
| Application | Dolibarr | Dolibarr Erp/crm | 8.0.5 | |||
| Application | Dolibarr | Dolibarr Erp/crm | 8.0.4 | |||
| Application | Dolibarr | Dolibarr Erp/crm | 8.0.3 | |||
| Application | Dolibarr | Dolibarr Erp/crm | 8.0.2 | |||
| Application | Dolibarr | Dolibarr Erp/crm | 8.0.1 | |||
| Application | Dolibarr | Dolibarr Erp/crm | 8.0.0 | |||
| Application | Dolibarr | Dolibarr Erp/crm | 7.0.5 | |||
| Application | Dolibarr | Dolibarr Erp/crm | 7.0.4 | |||
| Application | Dolibarr | Dolibarr Erp/crm | 7.0.3 | |||
| Application | Dolibarr | Dolibarr Erp/crm | 7.0.2 | |||
| Application | Dolibarr | Dolibarr Erp/crm | 7.0.1 | |||
| Application | Dolibarr | Dolibarr Erp/crm | 7.0.0 | |||
| Application | Dolibarr | Dolibarr Erp/crm | 6.0.8 | |||
| Application | Dolibarr | Dolibarr Erp/crm | 6.0.7 | |||
| Application | Dolibarr | Dolibarr Erp/crm | 6.0.6 | |||
| Application | Dolibarr | Dolibarr Erp/crm | 6.0.5 |