Known Vulnerabilities for products from Pimcore
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Pimcore".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-41249 json | Not Provided | 2026-06-04 | 2026-06-08 | |
| CVE-2026-11407 json | Not Provided | 2026-06-17 | 2026-06-18 | |
| CVE-2026-5394 json | Not Provided | 2026-04-27 | 2026-05-05 | |
| CVE-2026-5362 json | An authenticated attacker with permission to edit document content can store crafted HTML/JavaScript in a Document embed edit... | Not Provided | 2026-04-27 | 2026-05-18 |
| CVE-2024-23648 json | 8.8 - HIGH | 2024-01-24 | 2024-02-02 | |
| CVE-2024-23646 json | 8.8 - HIGH | 2024-01-24 | 2024-01-31 | |
| CVE-2024-21667 json | 6.5 - MEDIUM | 2024-01-11 | 2024-01-18 | |
| CVE-2024-21666 json | 6.5 - MEDIUM | 2024-01-11 | 2024-01-18 | |
| CVE-2024-21665 json | 4.3 - MEDIUM | 2024-01-11 | 2024-01-17 | |
| CVE-2023-49076 json | 6.5 - MEDIUM | 2023-11-30 | 2023-12-05 | |
| CVE-2023-49075 json | 7.2 - HIGH | 2023-11-28 | 2023-12-04 | |
| CVE-2023-46722 json | The Pimcore Admin Classic Bundle provides a backend UI for Pimcore. Prior to version 1.2.0, a cross-site scripting vulnerabil... | 6.1 - MEDIUM | 2023-10-31 | 2023-11-08 |
| CVE-2023-42817 json | Pimcore admin-ui-classic-bundle provides a Backend UI for Pimcore. The translation value with text including “%s” (from �... | 5.4 - MEDIUM | 2023-09-25 | 2023-09-26 |
| CVE-2023-38708 json | Pimcore is an Open Source Data & Experience Management Platform: PIM, MDM, CDP, DAM, DXP/CMS & Digital Commerce. A path trave... | 8.8 - HIGH | 2023-08-04 | 2023-08-09 |
| CVE-2023-37280 json | Pimcore Admin Classic Bundle provides a Backend UI for Pimcore based on the ExtJS framework. An admin who has not setup two f... | 6.1 - MEDIUM | 2023-07-11 | 2023-07-19 |
| CVE-2023-32075 json | The Customer Management Framework (CMF) for Pimcore adds functionality for customer data management. In `pimcore/customer-man... | 4.3 - MEDIUM | 2023-05-11 | 2023-05-22 |
| CVE-2023-30855 json | Pimcore is an open source data and experience management platform. Versions of Pimcore prior to 10.5.18 are vulnerable to pat... | 7.5 - HIGH | 2023-05-08 | 2023-05-12 |
| CVE-2023-30852 json | Pimcore is an open source data and experience management platform. Prior to version 10.5.21, the `/admin/misc/script-proxy` A... | 4.9 - MEDIUM | 2023-04-27 | 2023-05-09 |
| CVE-2023-30850 json | Pimcore is an open source data and experience management platform. Prior to version 10.5.21, a SQL Injection vulnerability ex... | 8.8 - HIGH | 2023-04-27 | 2023-05-09 |
| CVE-2023-30849 json | Pimcore is an open source data and experience management platform. Prior to version 10.5.21, A SQL injection vulnerability ex... | 8.8 - HIGH | 2023-04-27 | 2023-05-05 |
Known software with vulnerabilities from Pimcore
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Pimcore | Pimcore | 1.4.3 |