| CVE |
Severity |
CVSS |
Risk |
Published |
Description |
Impact |
| CVE-2026-45704 |
high |
— |
8.0 |
9h ago |
Pimcore has a CustomReports Share Bypass |
|
| CVE-2026-45260 |
high |
— |
8.0 |
14h ago |
Pimcore: Missing Authorization in WebDAV MOVE via unchecked asset move handling |
|
| CVE-2026-45162 |
high |
— |
8.0 |
14h ago |
Pimcore has Unsafe PHP Deserialization in Multiple Locations Without allowed_classes Restriction |
|
| CVE-2026-44739 |
high |
— |
8.0 |
1d ago |
Pimcore Vulnerable to SQL Injection in Custom Reports Column Configuration |
|
| CVE-2026-5394 |
high |
— |
8.0 |
1mo ago |
Pimcore admin users can trigger SQL Injection |
|
| CVE-2026-45703 |
medium |
— |
5.5 |
9h ago |
Pimcore has a WordExport Authorization Bypass for Unauthorized Document Export |
|
| CVE-2026-5362 |
medium |
5.4 |
5.4 |
1mo ago |
Pimcore has an authenticated Cross-site Scripting issue |
|