Package impact
Packagist / coreshop/core-shop
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-41249 | high | — | 8.0 | 16d ago | CoreShop Vulnerable to Remote Code Execution (RCE) via Insecure `pull_request_target` Configuration | |||
| CVE-2026-23959 | unknown | — | — | 4mo ago | CoreShop Vulnerable to SQL Injection via Admin customer-company-modifier | |||
| CVE-2026-22242 | unknown | — | — | 5mo ago | CoreShop Vulnerable to SQL Injection via Admin Reports |