Adobe

Magento

161 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.39%
  • Veröffentlicht 12.05.2026 19:50:35
  • Zuletzt bearbeitet 20.05.2026 15:58:41

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability...

  • EPSS 0.27%
  • Veröffentlicht 12.05.2026 19:50:34
  • Zuletzt bearbeitet 20.05.2026 15:50:05

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into...

  • EPSS 15.93%
  • Veröffentlicht 12.05.2026 19:50:33
  • Zuletzt bearbeitet 20.05.2026 17:13:27

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application denial-of-service. An attacker could exploit this v...

  • EPSS 0.4%
  • Veröffentlicht 12.05.2026 19:50:32
  • Zuletzt bearbeitet 13.05.2026 18:37:08

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into ...

  • EPSS 0.47%
  • Veröffentlicht 12.05.2026 19:50:31
  • Zuletzt bearbeitet 20.05.2026 17:28:09

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could result in a Security feature bypass. An attacker could leverage this vu...

  • EPSS 0.37%
  • Veröffentlicht 12.05.2026 19:50:30
  • Zuletzt bearbeitet 20.05.2026 15:48:34

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier [NEEDS REVIEW: impact mismatch — ticket says 'Arbitrary file system write', CIA triad derives 'Security Feature Bypass'. Verify CVSS vector before pu...

  • EPSS 0.51%
  • Veröffentlicht 12.05.2026 19:50:29
  • Zuletzt bearbeitet 20.05.2026 17:12:21

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a Dependency on Vulnerable Third-Party Component vulnerability that could result in an application denial-of-service. An attacker cou...

  • EPSS 0.61%
  • Veröffentlicht 12.05.2026 19:50:29
  • Zuletzt bearbeitet 20.05.2026 16:02:39

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could result in arbitrary file s...

  • EPSS 0.56%
  • Veröffentlicht 12.05.2026 19:50:28
  • Zuletzt bearbeitet 20.05.2026 17:28:44

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerabilit...

  • EPSS 22.55%
  • Veröffentlicht 12.05.2026 19:50:27
  • Zuletzt bearbeitet 20.05.2026 17:27:51

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application denial-of-service. An attacker could exploit this v...