CVE-2026-31888 | Shopware up to 6.6.10.15/6.7.8.1 Store API Logendpoint /store-api/account/login response discrepancy (GHSA-gqc5-xv7m-gcjq)

Inserito da Angelo Barbosa | Mar 11, 2026 | CVE

A vulnerability was found in Shopware up to 6.6.10.15/6.7.8.1. It has been rated as problematic. This affects an unknown part of the file /store-api/account/login of the component Store API Logendpoint. This manipulation causes observable response discrepancy.

The identification of this vulnerability is CVE-2026-31888. It is possible to initiate the attack remotely. There is no exploit available.

Upgrading the affected component is advised.

CVE-2026-31888 | Shopware up to 6.6.10.15/6.7.8.1 Store API Logendpoint /store-api/account/login response discrepancy (GHSA-gqc5-xv7m-gcjq)

Post correlati

CVE-2025-43849 | RVC-Project Retrieval-based-Voice-Conversion-WebUI up to 2.2.231006 process_ckpt.py merge ckpt_a/cpkt_b deserialization (GHSL-2025-012)

CVE-2020-37013 | Tucows Audio Playback Recorder 3.2.2 eject/registration stack-based overflow (Exploit 48796)

CVE-2024-9671 | Red Hat 3Scale PDF Invoice missing authentication

CVE-2024-7870 | PixelYourSite Plugin/PixelYourSite Pro Plugin on WordPress improper authentication