๐Ÿ” CVE Alert

CVE-2026-55212

HIGH 7.1

Pimcore: Insufficient Permission Check on Class Definition Creation Endpoint Allows Privilege Escalation

CVSS Score
7.1
EPSS Score
0.2%
EPSS Percentile
10th

Pimcore is an Open Source Data & Experience Management Platform. Prior to 2025.4.6 and 2026.1.6, the Studio API class definition creation endpoint POST /pimcore-studio/api/class/definition/configuration-view/detail/create is guarded by the objects permission instead of the classes permission, allowing a standard editor-level user to create class definitions without admin privileges. Class definition creation generates new database tables and PHP class files on the server, and missing API-layer UID format validation allows malformed UIDs to reach model-layer validation and return internal exceptions. This issue is fixed in versions 2025.4.6 and 2026.1.6.

CWE CWE-285
Vendor pimcore
Product pimcore
Published Jul 9, 2026
Last Updated Jul 10, 2026
Stay Ahead of the Next One

Get instant alerts for pimcore pimcore

Be the first to know when new high vulnerabilities affecting pimcore pimcore are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
High
Availability
None

Affected Versions

pimcore / pimcore
>= 2026.1.0, < 2026.1.6 < 2025.4.6

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
github.com: https://github.com/pimcore/pimcore/security/advisories/GHSA-f97c-ph8j-8vff github.com: https://github.com/pimcore/studio-backend-bundle/pull/1886 github.com: https://github.com/pimcore/studio-backend-bundle/commit/d1a4788c0f159c360d550c34256c8abbbd633ae0 github.com: https://github.com/pimcore/studio-backend-bundle/releases/tag/v2025.4.6 github.com: https://github.com/pimcore/studio-backend-bundle/releases/tag/v2026.1.6