Pimcore Latest High & Critical Vulnerabilities
Latest High & Critical vulnerabilities published by pimcore
Vulnerability Published:
🗓️ Published
- Anytime
Sort By:
🗓️ Published Date
- Descending
Unauthenticated Admin Account Takeover in Pimcore by Valid Username Manipulation
CVE-2026-55207PimcorePimcore8.8HIGHTime-Based Blind SQL Injection in Pimcore Studio Backend Bundle
CVE-2026-55208PimcorePimcore7.7HIGHUnauthorized Class Definition Creation in Pimcore Open Source Data Platform
CVE-2026-55212PimcorePimcore7.1HIGHSandbox Bypass Vulnerability in Pimcore CMS/DXP by Pimcore
CVE-2026-11407Pimcore GmbhPimcore Cms/dxp8.6HIGHSQL Injection Risk in Pimcore by Authenticated Users
CVE-2026-5394PimcorePimcore7HIGHData Exposure Vulnerability in Pimcore Open Source Platform
CVE-2026-23493PimcorePimcore8.6HIGHSQL Injection Vulnerability in Pimcore Data Management Platform
CVE-2026-23492PimcorePimcore8.8HIGHPimcore Thumbnail Generation Vulnerability
CVE-2024-32871PimcorePimcore7.5HIGHPotential Security Vulnerability in Pimcore's Admin Classic Bundle
CVE-2024-25625PimcoreAdmin-ui-classic-bundle9.3CRITICALPimcore Admin Classic Bundle SQL Injection in Admin download files as zip
CVE-2024-23646PimcoreAdmin-ui-classic-bundle8.8HIGHPimcore Admin Classic Bundle host header injection in the password reset
CVE-2024-23648PimcoreAdmin-ui-classic-bundle8.8HIGHPimcore Admin UI has Two Factor Authentication disabled for non admin security firewalls
CVE-2023-49075pimcoreadmin-ui-classic-bundle7.2HIGHSQL Injection in Admin Grid Filter API in Pimcore
CVE-2023-47637PimcorePimcore8.8HIGHExposure of Sensitive Information to an Unauthorized Actor in pimcore/pimcore
CVE-2023-3819PimcorePimcore/pimcore7.6HIGHSQL Injection in pimcore/pimcore
CVE-2023-3820PimcorePimcore/pimcore7.2HIGHSQL Injection in pimcore/pimcore
CVE-2023-3673PimcorePimcore/pimcore7.2HIGHPrivilege Defined With Unsafe Actions in pimcore/pimcore
CVE-2023-2983PimcorePimcore/pimcore8.8HIGHPath Traversal: '\..\filename' in pimcore/pimcore
CVE-2023-2984PimcorePimcore/pimcore8.8HIGHSQL Injection in pimcore/customer-data-framework
CVE-2023-2756PimcorePimcore/customer-data-...7.2HIGHImproper Neutralization of Formula Elements in a CSV File in pimcore/customer-data-framework
CVE-2023-2629PimcorePimcore/customer-data-...7.8HIGHPimcore SQL Injection Vulnerability in Admin Translations API
CVE-2023-30850PimcorePimcore8.8HIGHPimcore SQL Injection Vulnerability in Admin Search Find API
CVE-2023-30848PimcorePimcore8.8HIGHPimcore vulnerable to SQL Injection in Translation Export API
CVE-2023-30849PimcorePimcore8.8HIGHSQL Injection in pimcore/pimcore
CVE-2023-2338PimcorePimcore/pimcore8.8HIGHSQL Injection in pimcore/pimcore
CVE-2023-1578PimcorePimcore/pimcoreEPSS 65%8.8HIGH