{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-34724", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-03-30T18:41:20.753Z", "datePublished": "2026-04-08T18:17:30.178Z", "dateUpdated": "2026-04-09T16:17:29.350Z"}, "containers": {"cna": {"title": "Zammad has a server-side template injection leading to RCE via AI Agent", "problemTypes": [{"descriptions": [{"cweId": "CWE-94", "lang": "en", "description": "CWE-94: Improper Control of Generation of Code ('Code Injection')", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-1336", "lang": "en", "description": "CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine", "type": "CWE"}]}], "metrics": [{"cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "privilegesRequired": "HIGH", "userInteraction": "ACTIVE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "subAvailabilityImpact": "HIGH", "baseScore": 8.7, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:H/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H", "version": "4.0"}}], "references": [{"name": "https://github.com/zammad/zammad/security/advisories/GHSA-fg9w-jg8f-4j94", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/zammad/zammad/security/advisories/GHSA-fg9w-jg8f-4j94"}], "affected": [{"vendor": "zammad", "product": "zammad", "versions": [{"version": ">= 7.0.0, < 7.0.1", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-08T18:17:30.178Z"}, "descriptions": [{"lang": "en", "value": "Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1, a server-side template injection vulnerability which leads to RCE via AI Agent exists. Impact is limited to environments where an attacker can control or influence type_enrichment_data (typically high-privilege administrative configuration). This vulnerability is fixed in 7.0.1."}], "source": {"advisory": "GHSA-fg9w-jg8f-4j94", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-09T15:01:27.512440Z", "id": "CVE-2026-34724", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-09T16:17:29.350Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"cna": {"title": "Zammad has a server-side template injection leading to RCE via AI Agent", "source": {"advisory": "GHSA-fg9w-jg8f-4j94", "discovery": "UNKNOWN"}, "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 8.7, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:H/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H", "userInteraction": "ACTIVE", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "privilegesRequired": "HIGH", "subIntegrityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH"}}], "affected": [{"vendor": "zammad", "product": "zammad", "versions": [{"status": "affected", "version": ">= 7.0.0, < 7.0.1"}]}], "references": [{"url": "https://github.com/zammad/zammad/security/advisories/GHSA-fg9w-jg8f-4j94", "name": "https://github.com/zammad/zammad/security/advisories/GHSA-fg9w-jg8f-4j94", "tags": ["x_refsource_CONFIRM"]}], "descriptions": [{"lang": "en", "value": "Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1, a server-side template injection vulnerability which leads to RCE via AI Agent exists. Impact is limited to environments where an attacker can control or influence type_enrichment_data (typically high-privilege administrative configuration). This vulnerability is fixed in 7.0.1."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-94", "description": "CWE-94: Improper Control of Generation of Code ('Code Injection')"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-1336", "description": "CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-08T18:17:30.178Z"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-34724", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-09T15:01:27.512440Z"}}}], "providerMetadata": {"shortName": "CISA-ADP", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "dateUpdated": "2026-04-09T15:01:36.847Z"}}]}, "cveMetadata": {"cveId": "CVE-2026-34724", "state": "PUBLISHED", "dateUpdated": "2026-04-08T18:17:30.178Z", "dateReserved": "2026-03-30T18:41:20.753Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-04-08T18:17:30.178Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:zammad:zammad:7.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "830AF7C5-9441-4C80-935E-C53BDB097BB1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1, a server-side template injection vulnerability which leads to RCE via AI Agent exists. Impact is limited to environments where an attacker can control or influence type_enrichment_data (typically high-privilege administrative configuration). This vulnerability is fixed in 7.0.1."}], "id": "CVE-2026-34724", "lastModified": "2026-04-17T15:04:05.013", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.7, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "HIGH", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "userInteraction": "ACTIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:H/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-04-08T19:25:22.723", "references": [{"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/zammad/zammad/security/advisories/GHSA-fg9w-jg8f-4j94"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}, {"lang": "en", "value": "CWE-1336"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[7.0.0,7.0.1)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "zammad", "source": "cna", "vendor": "zammad"}, "product": "zammad", "vendor": "zammad"}], "analysis": {"en": {"generated_at": "2026-04-08T19:50:49.274127+00:00", "value": {"mitigation_remediation": ["Update Zammad to version 7.0.1 or later.", "If an upgrade cannot be performed immediately, restrict or disable the ability to modify type_enrichment_data so only properly authenticated administrators can modify it; consider disabling the AI Agent feature.", "Ensure strong authentication, including multi\u2011factor, for all administrative accounts.", "Monitor logs for unauthorized changes to configuration fields and for suspicious activity that may indicate exploitation attempts.", "Apply general security hardening: patch other software components, limit network exposure, and follow best practices for web application security."], "summary": {"action": "Immediate Patch", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "The flaw exists in Zammad versions released before 7.0.1. Users running any 6.x branching or earlier 7.x pre\u20111 releases are exposed. The vulnerability is tied to the AI Agent feature that processes user\u2011supplied data for enriching tickets. Organizations deploying Zammad as a web\u2011based helpdesk must verify their version and upgrade if they are on a vulnerable release.", "description_and_impact": "The vulnerability is a server\u2011side template injection that allows an attacker with the ability to influence the type_enrichment_data field, usually an administrative configuration, to execute arbitrary code on the Zammad server. This injection can lead to remote code execution, with full compromise of confidentiality, integrity, and availability of the affected system. The weakness is classified as Server\u2011Side Template Injection (CWE\u20111336) and as an Improper Control of Generation of Code (CWE\u201194).", "risk_and_exploitability": "The CVSS base score is 8.7, reflecting the high impact of the flaw. EPSS data is unavailable, and the vulnerability is not listed in the CISA KEV catalog, implying a lower known exploitation prevalence, but the remote code execution capability makes it a serious threat. The attack requires access to a privileged configuration context where type_enrichment_data can be crafted; an attacker who can log into the administrative console or obtain related credentials could exploit the bug. Therefore, the risk is substantial if administrative access is leaked or weakly protected."}}}}, "created": "2026-04-08T19:52:33.827805+00:00", "updated": "2026-04-08T20:12:34.995004+00:00", "vendors": ["zammad", "zammad$PRODUCT$zammad"]}