Package impact
COMPOSER / pimcore/pimcore
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2026-45704 | high | — | 8.0 | 16h ago | Pimcore has a CustomReports Share Bypass | |
| CVE-2026-45260 | high | — | 8.0 | 21h ago | Pimcore: Missing Authorization in WebDAV MOVE via unchecked asset move handling | |
| CVE-2026-45162 | high | — | 8.0 | 21h ago | Pimcore has Unsafe PHP Deserialization in Multiple Locations Without allowed_classes Restriction | |
| CVE-2026-44739 | high | — | 8.0 | 2d ago | Pimcore Vulnerable to SQL Injection in Custom Reports Column Configuration | |
| CVE-2026-5394 | high | — | 8.0 | 1mo ago | Pimcore admin users can trigger SQL Injection |