Pimcore

v2026.1.4 Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 7d Data Warehouses & Analytics

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

This release patches 1 known CVE

Topics

cdp cms cms-framework customer-data-platform dam data-management

+13 more

digital-platform ecommerce ecommerce-platform experience-manager master-data-management mdm online-shop pim pimcore product-information-management product-management shop wcms

Affected surfaces

auth

ReleasePort's take

Moderate signal

editorial:auto 7d

The release v2026.1.4 enhances Class Definition security to address a vulnerability.

Why it matters: Security severity rated 90; operators must update to mitigate the identified risk.

Summary

AI summary

Enhance Class Definition security to address a vulnerability.

Changes in this release

Type	Severity	Summary	CVE
Security	Critical	Enhance Class Definition security. Enhance Class Definition security. Source: llm_adapter@2026-05-27 Confidence: high	—
Performance	Low	Improve Data Object root class listing loading times. Improve Data Object root class listing loading times. Source: llm_adapter@2026-05-27 Confidence: high	—
Bugfix	Medium	Fix Time-Filter in Application Logs not working. Fix Time-Filter in Application Logs not working. Source: llm_adapter@2026-05-27 Confidence: high	—

Full changelog

What's Changed

[Task]: Improve Data Object root class listing loading times by @kingjia90 in https://github.com/pimcore/pimcore/pull/19142
[Bug, EC] PEES-946: Time-Filter in Application Logs not working by @robertSt7 in https://github.com/pimcore/pimcore/pull/19141
[Security]: Enhance Class Definition security by @kingjia90 in https://github.com/pimcore/pimcore/pull/19145
Fix example in 01_Loading_Service_Definitions.md by @jdreesen in https://github.com/pimcore/pimcore/pull/19047

Full Changelog: https://github.com/pimcore/pimcore/compare/v2026.1.3...v2026.1.4

Security Fixes

Enhance Class Definition security — mitigates unspecified vulnerability

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track Pimcore

Get notified when new releases ship.

About Pimcore

Multi-channel experience and engagement management platform.

All releases →