{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-21T17:02:54.251","vulnerabilities":[{"cve":{"id":"CVE-2026-25511","sourceIdentifier":"security-advisories@github.com","published":"2026-02-04T21:16:02.243","lastModified":"2026-02-11T19:16:29.217","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.150, 25.0.82, and 26.0.5, an authenticated user within the System Administrator group can trigger a full SSRF via the WOPI service discovery URL, including access to internal hosts/ports. The SSRF response body can be exfiltrated via the built‑in debug system, turning it into a visible SSRF. This also allows full server-side file read. This issue has been patched in versions 6.8.150, 25.0.82, and 26.0.5."},{"lang":"es","value":"Group-Office es una herramienta de gestión de relaciones con clientes empresariales y de groupware. Antes de las versiones 6.8.150, 25.0.82 y 26.0.5, un usuario autenticado dentro del grupo de Administradores del Sistema puede desencadenar un SSRF completo a través de la URL de descubrimiento de servicio WOPI, incluyendo acceso a hosts/puertos internos. El cuerpo de la respuesta SSRF puede ser exfiltrado a través del sistema de depuración incorporado, convirtiéndolo en un SSRF visible. Esto también permite la lectura completa de archivos del lado del servidor. Este problema ha sido parcheado en las versiones 6.8.150, 25.0.82 y 26.0.5."}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"HIGH","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","baseScore":4.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":3.6}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:group-office:group_office:*:*:*:*:*:*:*:*","versionStartIncluding":"6.8.0","versionEndExcluding":"6.8.150","matchCriteriaId":"1F54FF3F-BE7C-41FF-926A-9496CE99CE97"},{"vulnerable":true,"criteria":"cpe:2.3:a:group-office:group_office:*:*:*:*:*:*:*:*","versionStartIncluding":"25.0.1","versionEndExcluding":"25.0.82","matchCriteriaId":"39BE8337-170B-4895-A5AA-B27AFB64E418"},{"vulnerable":true,"criteria":"cpe:2.3:a:group-office:group_office:*:*:*:*:*:*:*:*","versionStartIncluding":"26.0.1","versionEndExcluding":"26.0.5","matchCriteriaId":"FB489F3F-5EA4-4DFD-9F70-9AD862D7401A"}]}]}],"references":[{"url":"https://github.com/Intermesh/groupoffice/commit/5ac199dce758e1ce0d1cdb6905df5da3c2af42b3","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/Intermesh/groupoffice/security/advisories/GHSA-r9v4-jm2r-r9pm","source":"security-advisories@github.com","tags":["Exploit","Vendor Advisory"]},{"url":"https://github.com/Intermesh/groupoffice/security/advisories/GHSA-r9v4-jm2r-r9pm","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Vendor Advisory"]}]}}]}