CVSS 7.5 HIGH Vulnerability

CVE-2026-45704: Pimcore has a CustomReports Share Bypass


CVSS Score: 7.5 | Severity: HIGH | CISA KEV: No | Impact Type: Vulnerability

📋 Vulnerability Details

CVE ID: CVE-2026-45704
Vendor: composer
Affected Product: pimcore/pimcore
Vulnerability Type: Vulnerability
CVSS Score: 7.5 (HIGH)
Actively Exploited: No known exploitation
Patch Status: See vendor advisory
Reported By: CYBERDUDEBIVASH SENTINEL APEX Intelligence (via github_advisories)

🔬 Technical Analysis


Summary

CustomReports uses inconsistent authorization between the report listing endpoint and the report detail endpoint.

- The listing flow filters reports based on report-sharing rules.
- The detail flow only checks the generic `reports` or `reports_config` permissions.

As a result, a low-privileged backend user who was not granted access to a report can still read that report directly by name, even though it does not appear in the user's visible report list.

In the local Docker reproduction:

- The report `poc-secret-report` was not visible to the low-privileged user in the report list.
- The same user was still able to retrieve the report configuration directly by name.

Root Cause

The listing flow in getReportConfigAction() filters reports through loadForGivenUser(): - [[CustomRepo
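The pattern described above (a listing endpoint that applies sharing rules while the detail endpoint checks only a generic permission) is easy to model and to test for. The following is an added illustration written for this page; it is not Pimcore's code, and the names `User`, `ReportConfig`, `load_for_given_user`, `get_report_config_vulnerable`, `get_report_config_fixed` and `find_authz_inconsistencies`, as well as the sample users and reports, are constructed assumptions. The fix is simply to make the detail flow reuse the same sharing decision as the listing flow, and the last function is a regression check that flags any report readable by name but absent from the caller's list.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class User:
    user_id: int
    roles: frozenset          # role names, e.g. "editor"
    permissions: frozenset    # generic backend permissions, e.g. "reports"
    is_admin: bool = False

@dataclass(frozen=True)
class ReportConfig:
    name: str
    shared_user_ids: frozenset = frozenset()   # sharing rules: explicit users
    shared_role_ids: frozenset = frozenset()   # sharing rules: roles
    definition: dict = field(default_factory=dict)

# Constructed sample data (hypothetical, not from the advisory's environment).
REPORTS = {
    "public-sales": ReportConfig("public-sales",
                                 shared_role_ids=frozenset({"editor"}),
                                 definition={"sql": "SELECT ..."}),
    "poc-secret-report": ReportConfig("poc-secret-report",
                                      shared_user_ids=frozenset({1}),
                                      definition={"sql": "SELECT ..."}),
}
ADMIN = User(1, frozenset(), frozenset({"reports", "reports_config"}), is_admin=True)
LOW_PRIV = User(2, frozenset({"editor"}), frozenset({"reports"}))
NO_PERMS = User(3, frozenset({"editor"}), frozenset())

def has_generic_permission(user):
    """Coarse check: may this user touch the reports module at all?"""
    return user.is_admin or bool(user.permissions & {"reports", "reports_config"})

def is_shared_with(report, user):
    """Object-level check: is this particular report shared with the user?"""
    return (user.is_admin
            or user.user_id in report.shared_user_ids
            or bool(user.roles & report.shared_role_ids))

def load_for_given_user(user, reports=REPORTS):
    """Listing flow: returns only the reports the sharing rules allow."""
    if not has_generic_permission(user):
        return []
    return [r for r in reports.values() if is_shared_with(r, user)]

def get_report_config_vulnerable(user, name, reports=REPORTS):
    """Detail flow before the fix: generic permission only, no sharing check."""
    if not has_generic_permission(user):
        return None
    return reports.get(name)

def get_report_config_fixed(user, name, reports=REPORTS):
    """Detail flow after the fix: same object-level decision as the listing."""
    if not has_generic_permission(user):
        return None
    report = reports.get(name)
    if report is None or not is_shared_with(report, user):
        return None   # deny: not listed for this user, so not readable by name
    return report

def find_authz_inconsistencies(detail_fn, users, reports=REPORTS):
    """Regression check: every (user, report) pair that the detail endpoint
    returns although the listing endpoint hides it from that user."""
    findings = []
    for user in users:
        visible = {r.name for r in load_for_given_user(user, reports)}
        for name in reports:
            if name not in visible and detail_fn(user, name, reports) is not None:
                findings.append((user.user_id, name))
    return findings

if __name__ == "__main__":
    print("vulnerable:", find_authz_inconsistencies(get_report_config_vulnerable,
                                                    [ADMIN, LOW_PRIV, NO_PERMS]))
    print("fixed:     ", find_authz_inconsistencies(get_report_config_fixed,
                                                    [ADMIN, LOW_PRIV, NO_PERMS]))
```

Running the check against the vulnerable detail function reports the pair (user 2, `poc-secret-report`), which is exactly the reproduction described in the advisory; against the fixed function it reports nothing. A check of this shape, run over every user and every object in a test fixture, catches listing/detail mismatches before they ship.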
