PT-2026-35518 · Pimcore · Pimcore
Oscar Naveda
·
Published
2026-04-27
·
Updated
2026-04-28
·
CVE-2026-5394
CVSS v4.0
7.0
High
| AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N |
🚨 New zero-day in Pimcore | Detected by our AI SAST scanner and disclosed by Oscar Naveda. As a #CNA, we assigned the ID CVE-2026-5394. Details: 🔗 https://t.co/BoVhbbIJaq. We have announced 233 #CVEs to this date: 🔗 https://t.co/fgMrQcyKAU https://t.co/nAD8eL0pPf
Fix
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Pimcore