CVE-2026-3837 — An authenticated attacker can persist crafted values in multiple field types and trigger client-side script execution when another user opens the affected document in Desk. The vulnerable formatter im — CVE Database · The Intelligence Room