CVE-2026-34656
- EPSS 0.39%
- Veröffentlicht 12.05.2026 19:50:35
- Zuletzt bearbeitet 20.05.2026 15:58:41
Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability...
CVE-2026-34658
- EPSS 0.27%
- Veröffentlicht 12.05.2026 19:50:34
- Zuletzt bearbeitet 20.05.2026 15:50:05
Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into...
CVE-2026-34650
- EPSS 15.93%
- Veröffentlicht 12.05.2026 19:50:33
- Zuletzt bearbeitet 20.05.2026 17:13:27
Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application denial-of-service. An attacker could exploit this v...
CVE-2026-34686
- EPSS 0.4%
- Veröffentlicht 12.05.2026 19:50:32
- Zuletzt bearbeitet 13.05.2026 18:37:08
Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into ...
CVE-2026-34647
- EPSS 0.47%
- Veröffentlicht 12.05.2026 19:50:31
- Zuletzt bearbeitet 20.05.2026 17:28:09
Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could result in a Security feature bypass. An attacker could leverage this vu...
CVE-2026-34685
- EPSS 0.37%
- Veröffentlicht 12.05.2026 19:50:30
- Zuletzt bearbeitet 20.05.2026 15:48:34
Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier [NEEDS REVIEW: impact mismatch — ticket says 'Arbitrary file system write', CIA triad derives 'Security Feature Bypass'. Verify CVSS vector before pu...
CVE-2026-34652
- EPSS 0.51%
- Veröffentlicht 12.05.2026 19:50:29
- Zuletzt bearbeitet 20.05.2026 17:12:21
Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a Dependency on Vulnerable Third-Party Component vulnerability that could result in an application denial-of-service. An attacker cou...
CVE-2026-34653
- EPSS 0.61%
- Veröffentlicht 12.05.2026 19:50:29
- Zuletzt bearbeitet 20.05.2026 16:02:39
Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could result in arbitrary file s...
CVE-2026-34645
- EPSS 0.56%
- Veröffentlicht 12.05.2026 19:50:28
- Zuletzt bearbeitet 20.05.2026 17:28:44
Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerabilit...
CVE-2026-34648
- EPSS 22.55%
- Veröffentlicht 12.05.2026 19:50:27
- Zuletzt bearbeitet 20.05.2026 17:27:51
Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application denial-of-service. An attacker could exploit this v...