[MEDIUM] Shopware: Privilege escalation: non-admin user with user:create ACL can create admin accounts

PKSA-fstf-sh35-tmx7 CVE-2026-48010 GHSA-v39m-97p8-gqg7

Affected package: shopware/core

Affected version: <6.6.10.18|>=6.7.0.0,<6.7.10.1

Reported by:
GitHub