Package impact
COMPOSER / pimcore/pimcore
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-45704 | high | — | 8.0 | 2d ago | Pimcore has a CustomReports Share Bypass | |||
| CVE-2026-45260 | high | — | 8.0 | 2d ago | Pimcore: Missing Authorization in WebDAV MOVE via unchecked asset move handling | |||
| CVE-2026-45162 | high | — | 8.0 | 2d ago | Pimcore has Unsafe PHP Deserialization in Multiple Locations Without allowed_classes Restriction | |||
| CVE-2026-44739 | high | — | 8.0 | 3d ago | Pimcore Vulnerable to SQL Injection in Custom Reports Column Configuration | |||
| CVE-2026-5394 | high | — | 8.0 | 1mo ago | Pimcore Platform - SQL Injection in DataObject composite index handling during class definition import/save |