CVE-2026-23495 | Pimcore Admin Classic Bundle up to 1.7.15/2.2.2 API Endpoint access control

A vulnerability, which was classified as critical, was found in Pimcore Admin Classic Bundle up to 1.7.15/2.2.2. This issue affects some unknown processing of the component API Endpoint. Such manipulation leads to improper access controls.

This vulnerability is listed as CVE-2026-23495. The attack may be performed from remote. There is no available exploit.

You should upgrade the affected component.VulDB Recent EntriesRead More