| CVE-2026-45704 |
high |
— |
8.0 |
17h ago |
Pimcore has a CustomReports Share Bypass |
|
| CVE-2026-45260 |
high |
— |
8.0 |
22h ago |
Pimcore: Missing Authorization in WebDAV MOVE via unchecked asset move handling |
|
| CVE-2026-45162 |
high |
— |
8.0 |
23h ago |
Pimcore has Unsafe PHP Deserialization in Multiple Locations Without allowed_classes Restriction |
|
| CVE-2026-44739 |
high |
— |
8.0 |
2d ago |
Pimcore Vulnerable to SQL Injection in Custom Reports Column Configuration |
|
| CVE-2026-5394 |
high |
— |
8.0 |
1mo ago |
Pimcore admin users can trigger SQL Injection |
|
| CVE-2014-2921 |
high |
— |
7.5 |
12y ago |
Pimcore Vulnerable to PHP Object Injection Attacks |
|
| CVE-2026-45703 |
medium |
— |
5.5 |
17h ago |
Pimcore has a WordExport Authorization Bypass for Unauthorized Document Export |
|
| CVE-2026-5362 |
medium |
5.4 |
5.4 |
1mo ago |
Pimcore has an authenticated Cross-site Scripting issue |
|