All 3 CVE vulnerabilities found in CoreShop, with AI-generated Chinese analysis, references, and POCs.
Vendor: coreshop
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-41249 | CoreShop Vulnerable to Remote Code Execution (RCE) via Insecure `pull_request_target` Configuration CWE-94 | 8.2 | High | 2026-06-04 |
| CVE-2026-23959 | CoreShop Vulnerable to SQL Injection via Admin customer-company-modifier CWE-564 | 4.9AI | MediumAI | 2026-01-22 |
| CVE-2026-22242 | CoreShop Vulnerable to SQL Injection via Admin Reports CWE-564 | 4.9 | Medium | 2026-01-08 |
All 3 known CVE vulnerabilities affecting CoreShop with full Chinese analysis, references, and POCs where available.