{"uuid": "6c2a34c6-7920-4d0d-8c38-bbbf56dec771", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-42288", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mlp5qjkhja2g", "content": "ChurchCRM < 7.3.2 has a critical RCE (CVE-2026-42288) via setup wizard code injection. Unauthenticated attackers can fully compromise systems. Upgrade to 7.3.2+ now. https://radar.offseq.com/threat/cve-2026-42288-cwe-94-improper-control-of-generati-052b937e #OffSeq #ChurchCRM #SecurityAlert", "creation_timestamp": "2026-05-13T01:30:33.485942Z"}