CVE-2026-34724
Received Received - Intake
Server-Side Template Injection in Zammad AI Agent Enables RCE

Publication date: 2026-04-08

Last updated on: 2026-04-17

Assigner: GitHub, Inc.

Description
Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1, a server-side template injection vulnerability which leads to RCE via AI Agent exists. Impact is limited to environments where an attacker can control or influence type_enrichment_data (typically high-privilege administrative configuration). This vulnerability is fixed in 7.0.1.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-08
Last Modified
2026-04-17
Generated
2026-06-16
AI Q&A
2026-04-08
EPSS Evaluated
2026-06-15
NVD
CVE-2026-34724
EUVD
EUVD-2026-20564
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
zammad zammad 7.0.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-1336 The product uses a template engine to insert or process externally-influenced input, but it does not neutralize or incorrectly neutralizes special elements or syntax that can be interpreted as template expressions or other code directives when processed by the engine.
CWE-94 The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-34724 is a high-severity server-side template injection (SSTI) vulnerability in the Zammad helpdesk application, specifically affecting versions prior to 7.0.1.

The vulnerability occurs in the AI Agent feature when an attacker with high-privilege administrative access can control or influence the `type_enrichment_data` parameter.

By injecting malicious template code, the attacker can exploit improper neutralization of special elements and improper control of code generation, leading to remote code execution (RCE) on the server within the application process context.

Impact Analysis

This vulnerability allows an attacker with administrative privileges to execute arbitrary code remotely on the server running the Zammad application.

The impact is high on confidentiality, integrity, and availability of the affected system and potentially any connected systems.

Successful exploitation could lead to full compromise of the server, unauthorized data access, data manipulation, service disruption, or further attacks within the network.

Detection Guidance

Detection involves auditing AI::Agent records and the `type_enrichment_data` parameter for suspicious content, especially ERB-like sequences that may indicate template injection attempts.

Since the vulnerability requires administrative privileges to exploit, reviewing privileged admin accounts and their activities is also important.

Specific commands are not provided in the resources, but operators should focus on inspecting the database or logs where AI::Agent records and `type_enrichment_data` are stored for unusual or malicious template code.

Mitigation Strategies
  • Restrict and review privileged administrative accounts to limit who can influence `type_enrichment_data`.
  • Audit AI::Agent records and `type_enrichment_data` for suspicious or malicious template content.
  • Disable or limit the AI Agent feature until the patch (version 7.0.1) is applied.
  • Apply the patch by upgrading Zammad to version 7.0.1 or later, which fixes the vulnerability.
Compliance Impact

CVE-2026-34724 is a high-severity vulnerability that allows remote code execution via a server-side template injection in Zammad's AI Agent feature, which requires high-privilege administrative access. This vulnerability can lead to unauthorized code execution on the server, potentially compromising the confidentiality, integrity, and availability of sensitive data managed by the system.

Such a compromise can negatively impact compliance with common standards and regulations like GDPR and HIPAA, which mandate strict controls over data confidentiality and integrity. If exploited, this vulnerability could result in unauthorized access or manipulation of personal or protected health information, thereby violating these regulatory requirements.

Mitigation steps include applying the patch in version 7.0.1, restricting and reviewing privileged administrative accounts, auditing AI Agent data for suspicious content, and disabling or limiting the AI Agent feature until patched. These measures help maintain compliance by reducing the risk of unauthorized access and data breaches.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-34724. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart