CVE-2026-32142 | Shopware up to 6.10.14/7.8.0 /api/_info/config information disclosure (GHSA-gvmv-9f74-mhwp)

A vulnerability described as problematic has been identified in Shopware up to 6.10.14/7.8.0. This vulnerability affects unknown code of the file /api/_info/config. Executing a manipulation can lead to information disclosure.

This vulnerability is tracked as CVE-2026-32142. The attack can be launched remotely. No exploit exists.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More