CVE-2026-29104

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2026-29104

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-29104.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2026-29104

Aliases

GHSA-5hx9-cmmx-26p3

Published

2026-03-19T22:55:51.535Z

Modified

2026-04-10T05:41:30.957617Z

Severity

2.7 (Low) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N CVSS Calculator

Summary

SuiteCRM Vulnerable to Authenticated Arbitrary File Upload via Configurator addfontresult View in SuiteCRM

Details

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. Prior to versions 7.15.1 and 8.9.3, SuiteCRM contains an authenticated arbitrary file upload vulnerability in the Configurator module. An authenticated administrator can bypass intended file type restrictions when uploading PDF font files, allowing arbitrary files with attacker‑controlled filenames to be written to the server. Although the upload directory is not directly web‑accessible by default, this behavior breaks security boundaries and may enable further attacks when combined with other vulnerabilities or in certain deployment configurations. Versions 7.15.1 and 8.9.3 patch the issue.

Database specific

{
    "cna_assigner": "GitHub_M",
    "cwe_ids": [
        "CWE-434"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/29xxx/CVE-2026-29104.json"
}

References

Affected packages

Git / github.com/suitecrm/suitecrm

Affected ranges

Type

GIT

Repo

https://github.com/suitecrm/suitecrm

Events

Introduced

Fixed

7f2b384db8531c735b72abc87b65202f9713bfa6

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "7.15.1"
        }
    ]
}

Affected versions

7.*

7.9.6

v.*

v.7.9.11

v7.*

v7.0.2

v7.1

v7.1.1

v7.1.2

v7.1.3

v7.1.4

v7.10.0

v7.10.1

v7.10.10

v7.10.11

v7.10.12

v7.10.2

v7.10.3

v7.10.4

v7.10.5

v7.10.6

v7.10.7

v7.11.0

v7.11.1

v7.11.11

v7.11.12

v7.11.13

v7.11.14

v7.11.15

v7.11.16

v7.11.17

v7.11.18

v7.11.2

v7.11.3

v7.11.4

v7.11.5

v7.11.6

v7.11.7

v7.11.8

v7.12-rc

v7.12.0

v7.12.1

v7.12.2

v7.12.3

v7.12.4

v7.12.5

v7.12.6

v7.12.7

v7.12.8

v7.13.0

v7.13.0-beta

v7.13.1

v7.13.2

v7.13.3

v7.13.4

v7.14.0

v7.14.0-beta

v7.14.1

v7.14.2

v7.14.3

v7.14.4

v7.14.5

v7.14.6

v7.14.7

v7.14.8

v7.15.0

v7.2

v7.2.1

v7.2beta

v7.2beta2

v7.3

v7.3-beta

v7.3.1

v7.3.2

v7.4.1

v7.4.2

v7.4.3

v7.5-beta

v7.5-beta.2

v7.5.1

v7.6

v7.6.1

v7.7

v7.7-beta1

v7.7-beta2

v7.7-rc

v7.7-rc2

v7.7.2

v7.7.3

v7.7.4

v7.8.0

v7.8.0-beta

v7.8.0-beta.2

v7.8.0-rc

v7.8.1

v7.8.2

v7.9.0

v7.9.0-beta

v7.9.0-rc

v7.9.1

v7.9.10

v7.9.11

v7.9.12

v7.9.13

v7.9.14

v7.9.3

v7.9.4

v7.9.5

v7.9.8

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-29104.json"