| CVE-2026-45704 |
high |
— |
8.0 |
|
|
|
1d ago |
Pimcore has a CustomReports Share Bypass |
| CVE-2026-45260 |
high |
— |
8.0 |
|
|
|
1d ago |
Pimcore: Missing Authorization in WebDAV MOVE via unchecked asset move handling |
| CVE-2026-45162 |
high |
— |
8.0 |
|
|
|
1d ago |
Pimcore has Unsafe PHP Deserialization in Multiple Locations Without allowed_classes Restriction |
| CVE-2026-44739 |
high |
— |
8.0 |
|
|
|
2d ago |
Pimcore Vulnerable to SQL Injection in Custom Reports Column Configuration |
| CVE-2026-5394 |
high |
— |
8.0 |
|
|
|
1mo ago |
Pimcore Platform - SQL Injection in DataObject composite index handling during class definition import/save |
| CVE-2026-45703 |
medium |
— |
5.5 |
|
|
|
1d ago |
Pimcore has a WordExport Authorization Bypass for Unauthorized Document Export |
| CVE-2026-5362 |
medium |
5.4 |
5.4 |
|
|
|
1mo ago |
Pimcore has an authenticated Cross-site Scripting issue |