| CVE |
Severity |
CVSS |
Risk |
Published |
Description |
Impact |
| CVE-2026-45704 |
high |
— |
8.0 |
4h ago |
Pimcore has a CustomReports Share Bypass |
|
| CVE-2026-45260 |
high |
— |
8.0 |
10h ago |
Pimcore: Missing Authorization in WebDAV MOVE via unchecked asset move handling |
|
| CVE-2026-45162 |
high |
— |
8.0 |
10h ago |
Pimcore has Unsafe PHP Deserialization in Multiple Locations Without allowed_classes Restriction |
|
| CVE-2026-44739 |
high |
— |
8.0 |
1d ago |
Pimcore Vulnerable to SQL Injection in Custom Reports Column Configuration |
|
| CVE-2026-5394 |
high |
— |
8.0 |
1mo ago |
Pimcore admin users can trigger SQL Injection |
|
| CVE-2014-2921 |
high |
— |
7.5 |
12y ago |
Pimcore Vulnerable to PHP Object Injection Attacks |
|