CVE-2026-31889 | Shopware up to 6.6.10.15/6.7.8.1 authentication spoofing

Inserito da Angelo Barbosa | Mar 11, 2026 | CVE

A vulnerability was found in Shopware up to 6.6.10.15/6.7.8.1. It has been declared as critical. This issue affects some unknown processing. Such manipulation leads to authentication bypass by spoofing.

This vulnerability is uniquely identified as CVE-2026-31889. The attack can be launched remotely. No exploit exists.

It is recommended to upgrade the affected component.

CVE-2026-31889 | Shopware up to 6.6.10.15/6.7.8.1 authentication spoofing

Post correlati

CVE-2025-45471 | measure-cold-start 1.4.1 Customer Cloud Account permission (ID 32)

CVE-2024-34062 | tqdm up to 4.66.2 injection (GHSA-g7vv-2v7x-gj9p)

CVE-2025-55062 | Priority Web cross site scripting

CVE-2024-13111 | Beijing Yunfan Internet Technology Yunfan Learning Examination System 1.9.2 JWT Token SysUserControl improper authentication