LOW
shopware
CVE published 2026-06-10
CVE-2026-48011
CVE-2026-48011 is a low-severity vulnerability in Shopware, a popular open commerce platform. The issue, with a CVSS score of 3.7, allows an attacker to enumerate the usernames of administrator users by performing a timing attack. This vulnerability was published on June 10, 2026, and modified on June 11, 2026. The attack requires no privileges (PR:N) and has a low impact on confidentiality (C:L). The vul [truncated]