What is the CVSS score of CVE-2026-27832?

CVE-2026-27832 has a CVSS 3.1 base score of 8.8 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.0%.

Which versions of PHP are affected by CVE-2026-27832?

Group-Office installations are vulnerable to SQL injection attacks through an authenticated endpoint, allowing attackers with valid credentials to potentially access, modify, or exfiltrate sensitive…

PHP CVE-2026-27832

HIGH

SQL Injection (CWE-89)

2026-02-27 security-advisories@github.com

PHP SQLi Group Office

8.8

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:55 vuln.today

CVE Published

Feb 27, 2026 - 20:21 nvd

HIGH 8.8

DescriptionNVD

Group-Office is an enterprise customer relationship management and groupware tool. Versions prior to 26.0.8, 25.0.87, and 6.8.153 have a SQL Injection (SQLi) vulnerability, exploitable through the advancedQueryData parameter (comparator field) on an authenticated endpoint. The endpoint index.php?r=email/template/emailSelection processes advancedQueryData and forwards the SQL comparator without a strict allowlist into SQL condition building. This enables blind boolean-based exfiltration of the core_auth_password table. Versions 26.0.8, 25.0.87, and 6.8.153 fix the issue.

AnalysisAI

SQL injection in Group Office email template selection endpoint allows authenticated attackers to extract sensitive data from the database through the unvalidated comparator parameter in advancedQueryData. An attacker with valid credentials can perform blind boolean-based attacks to exfiltrate password hashes from the core_auth_password table. …

RemediationAI

Within 24 hours: Identify all Group-Office instances in your environment and document their current versions. Within 7 days: Implement WAF rules to block malicious SQL patterns in the advancedQueryData parameter, restrict access to affected endpoints through network segmentation or IP whitelisting, and disable the advancedQuery feature if operationally feasible. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-27832 vulnerability details – vuln.today

Back

PHP CVE-2026-27832

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code