Adobe

Adobe Commerce

67 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2026-21285

  • EPSS 0.05%
  • Veröffentlicht 11.03.2026 02:19:15
  • Zuletzt bearbeitet 11.03.2026 18:21:57

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage th...

5.3

CVE-2026-21310

  • EPSS 0.44%
  • Veröffentlicht 11.03.2026 02:19:15
  • Zuletzt bearbeitet 11.03.2026 18:08:28

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by an Improper Input Validation vulnerability that could result in a security feature bypass, with limited impact to integrity. Exploit...

8.7

CVE-2026-21290

  • EPSS 0.04%
  • Veröffentlicht 11.03.2026 02:19:14
  • Zuletzt bearbeitet 11.03.2026 18:21:47

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into...

7.5

CVE-2026-21289

  • EPSS 0.13%
  • Veröffentlicht 11.03.2026 02:19:13
  • Zuletzt bearbeitet 11.03.2026 18:21:50

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerabili...

8.1

CVE-2026-21361

  • EPSS 0.1%
  • Veröffentlicht 11.03.2026 02:19:12
  • Zuletzt bearbeitet 11.03.2026 18:09:08

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by a stored Cross-Site Scripting (XSS) vvulnerability that could be abused by a high-privileged attacker to inject malicious scripts in...

6.8

CVE-2026-21360

  • EPSS 0.21%
  • Veröffentlicht 11.03.2026 02:19:11
  • Zuletzt bearbeitet 11.03.2026 18:08:57

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could result in a security feat...

4.3

CVE-2026-21296

  • EPSS 0.04%
  • Veröffentlicht 11.03.2026 02:19:10
  • Zuletzt bearbeitet 11.03.2026 18:07:54

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage th...

8

CVE-2026-21311

  • EPSS 0.11%
  • Veröffentlicht 11.03.2026 02:19:09
  • Zuletzt bearbeitet 11.03.2026 18:08:37

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts int...

3.1

CVE-2026-21295

  • EPSS 0.04%
  • Veröffentlicht 11.03.2026 02:19:08
  • Zuletzt bearbeitet 11.03.2026 18:07:35

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. An attacker could leverage this vulnerability to redirect users...

6.5

CVE-2025-54267

  • EPSS 0.05%
  • Veröffentlicht 14.10.2025 20:27:57
  • Zuletzt bearbeitet 20.10.2025 13:47:32

Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Incorrect Authorization vulnerability. A low-privileged attacker could leverage this vulnerability to bypass security measures an...