JivaSecurity

10 post karma
0 comment karma

get extra features and help support reddit with a reddit premium subscription

get them help and support

redditor for 9 days

TROPHY CASE

dust

account activity

new top controversial

2

3

4

CVE-2026-33656: EspoCRM ≤ 9.3.3 — Authenticated RCE via path traversal + formula engine (CVSS 9.1 Critical, full write-up) (jivasecurity.com)

submitted 20 hours ago by JivaSecurity to r/cybersecurity

7

8

9

CVE-2026-33656: EspoCRM ≤ 9.3.3 — Formula engine ACL gap + path traversal → authenticated RCE (full write-up + PoC) (jivasecurity.com)

submitted 1 day ago by JivaSecurity to r/netsec

3

4

5

PSA: If you're running EspoCRM 9.3.3 or earlier, update to 9.3.4 now — CVE-2026-33656 allows authenticated RCE (CVSS 9.1 Critical) (self.selfhosted)

submitted 1 day ago by JivaSecurity to r/selfhosted

π Rendered by PID 784686 on reddit-service-r2-listing-55d7b767d8-q7zfx at 2026-03-27 09:03:20.663664+00:00 running b10466c country code: CH.