CVE-2026-26059 — ChurchCRM is an open-source church management system. In versions prior to 6.8.2, it was possible for an authenticated user with permission to edit groups to store a JavaScript payload that would exec — CVE Database · The Intelligence Room