CVE-2026-32100 | Shopware up to 2.0.15/3.0.11/4.0.6 /api/_info/config information disclosure (GHSA-64rg-pgjv-4v33)

Inserito da Angelo Barbosa | Mar 12, 2026 | CVE

A vulnerability was found in Shopware up to 2.0.15/3.0.11/4.0.6. It has been declared as problematic. This affects an unknown part of the file /api/_info/config. The manipulation results in information disclosure.

This vulnerability was named CVE-2026-32100. The attack may be performed from remote. There is no available exploit.

It is recommended to upgrade the affected component.

CVE-2026-32100 | Shopware up to 2.0.15/3.0.11/4.0.6 /api/_info/config information disclosure (GHSA-64rg-pgjv-4v33)

Post correlati

CVE-2024-1177 | WP Club Manager Plugin up to 2.2.10 on WordPress Event Permalink Update authorization

CVE-2026-2235 | HGiga C&Cm@il package olln-base up to 7.0-977 sql injection

CVE-2025-47437 | LiteSpeed Cache Plugin up to 7.0.1 on WordPress server-side request forgery

CVE-2024-4225 | DPS Telecom NetGuardian DIN Remote Telemetry Unit 2.0D.0062 Web Interface cross site scripting