CVE-2026-32142 | Shopware up to 6.10.14/7.8.0 /api/_info/config information disclosure (GHSA-gvmv-9f74-mhwp)

Inserito da Angelo Barbosa | Mar 12, 2026 | CVE

A vulnerability described as problematic has been identified in Shopware up to 6.10.14/7.8.0. This vulnerability affects unknown code of the file /api/_info/config. Executing a manipulation can lead to information disclosure.

This vulnerability is tracked as CVE-2026-32142. The attack can be launched remotely. No exploit exists.

Upgrading the affected component is recommended.

CVE-2026-32142 | Shopware up to 6.10.14/7.8.0 /api/_info/config information disclosure (GHSA-gvmv-9f74-mhwp)

Post correlati

CVE-2025-0897 | wpcalc Modal Window Plugin up to 6.1.5 on WordPress Shortcode iframeBox cross site scripting

CVE-2025-20305 | Cisco Identity Services Engine Software up to 3.4.0 Web-based Management Interface insufficient granularity of access control (cisco-sa-ise-multiple-vulns-O9BESWJH)

CVE-2025-4553 | PHPGurukul Apartment Visitors Management System 1.0 bwdates-reports-details.php fromdate/todate sql injection

CVE-2025-49507 | LoftOcean CozyStay Plugin up to 1.7.0 on WordPress deserialization