CVE ID :CVE-2026-11407 Published : June 17, 2026, 8:07 p.m. | 1 hour, 1 minute ago Description :Pimcore CMS/DXP version 12.3.8 contains a sandbox bypass vulnerability that allows authenticated administrative attackers to execute arbitrary methods on PHP objects by exploiting empty...

#Sicherheitslücke

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

CVE-2026-11407 - Pimcore CMS 12.3.8 Twig Sandbox Bypass via SecurityPolicy checkMethodAllowed

VERWANDTEARTIKEL

CVE-2026-12530 - Improper neutralization of argument delimiters in AWS Bedrock AgentCore Python SDK install_packages()

CVE-2026-50107 - NGINX Gateway Fabric vulnerability

CVE-2026-54388 - Tinyproxy - HTTP Request Smuggling via Duplicate Content-Length Headers

CVE-2026-54387 - Tinyproxy - HTTP Request Smuggling via CL/TE Desynchronization

CVE-2026-55202 - Tinyproxy - Stathost Detection Bypass via Host Header Manipulation

CVE-2026-55200 - libssh2 - Out-of-Bounds Write via Unchecked packet_length in transport.c