CVE-2026-48009 | Shopware prior 6.6.10.18/6.7.10.1 User Recovery UserRecoveryDefinition.php password recovery
A vulnerability has been found in Shopware and classified as problematic. This affects an unknown function of the file src/Core/System/User/Recovery/UserRecoveryDefinition.php of the component User Recovery. Performing a manipulation results in weak password recovery.
This vulnerability was named CVE-2026-48009. The attack may be initiated remotely. There is no available exploit.VulDB Recent EntriesRead More