A vulnerability labeled as critical has been found in Dolibarr ERP CRM up to 22.0.4 . Affected by this issue is some unknown functionality of the component Website Module . Executing a manipulation can lead to code injection. This vulnerability is registered as CVE-2026-31018 . It is possible to launch the attack remotely. No exploit is available.