| CVE-2014-2921 |
high |
— |
8.5 |
|
|
|
12y ago |
Pimcore Vulnerable to PHP Object Injection Attacks |
| CVE-2026-45704 |
high |
— |
8.0 |
|
|
|
8d ago |
Pimcore has a CustomReports Share Bypass |
| CVE-2026-45260 |
high |
— |
8.0 |
|
|
|
8d ago |
Pimcore: Missing Authorization in WebDAV MOVE via unchecked asset move handling |
| CVE-2026-45162 |
high |
— |
8.0 |
|
|
|
8d ago |
Pimcore has Unsafe PHP Deserialization in Multiple Locations Without allowed_classes Restriction |
| CVE-2026-44739 |
high |
— |
8.0 |
|
|
|
9d ago |
Pimcore Vulnerable to SQL Injection in Custom Reports Column Configuration |
| CVE-2026-5394 |
high |
— |
8.0 |
|
|
|
1mo ago |
Pimcore Platform - SQL Injection in DataObject composite index handling during class definition import/save |
| CVE-2026-45703 |
medium |
— |
5.5 |
|
|
|
8d ago |
Pimcore has a WordExport Authorization Bypass for Unauthorized Document Export |
| CVE-2026-5362 |
medium |
5.4 |
5.4 |
|
|
|
1mo ago |
Pimcore has an authenticated Cross-site Scripting issue |
