Vulnerabilities4 min read
Group-Office Deserialization Bug Enables Server Takeover (CVSS 9.9)
CVE-2026-34838 lets authenticated attackers achieve RCE on Group-Office CRM servers via insecure deserialization. Upgrade to patched versions immediately.
Marcus ChenApr 6, 2026