Adobe

Commerce

187 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.8

CVE-2026-21360

  • EPSS 0.23%
  • Veröffentlicht 11.03.2026 02:19:11
  • Zuletzt bearbeitet 11.03.2026 18:08:57

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could result in a security feat...

4.3

CVE-2026-21296

  • EPSS 0.05%
  • Veröffentlicht 11.03.2026 02:19:10
  • Zuletzt bearbeitet 11.03.2026 18:07:54

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage th...

8

CVE-2026-21311

  • EPSS 0.12%
  • Veröffentlicht 11.03.2026 02:19:09
  • Zuletzt bearbeitet 11.03.2026 18:08:37

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts int...

3.1

CVE-2026-21295

  • EPSS 0.05%
  • Veröffentlicht 11.03.2026 02:19:08
  • Zuletzt bearbeitet 11.03.2026 18:07:35

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. An attacker could leverage this vulnerability to redirect users...

6.5

CVE-2025-54267

  • EPSS 0.07%
  • Veröffentlicht 14.10.2025 20:27:57
  • Zuletzt bearbeitet 20.10.2025 13:47:32

Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Incorrect Authorization vulnerability. A low-privileged attacker could leverage this vulnerability to bypass security measures an...

8.1

CVE-2025-54263

  • EPSS 0.1%
  • Veröffentlicht 14.10.2025 20:27:56
  • Zuletzt bearbeitet 20.10.2025 13:47:20

Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Incorrect Authorization vulnerability. A low-privileged attacker could leverage this vulnerability to bypass security measures an...

4.8

CVE-2025-54266

  • EPSS 0.06%
  • Veröffentlicht 14.10.2025 20:27:56
  • Zuletzt bearbeitet 20.10.2025 13:47:38

Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts int...

5.3

CVE-2025-54277

  • EPSS 0.07%
  • Veröffentlicht 14.10.2025 20:27:55
  • Zuletzt bearbeitet 17.10.2025 22:15:34

Rejected reason: This CVE ID was issued in error by its CVE Numbering Authority.

5.9

CVE-2025-54265

  • EPSS 0.12%
  • Veröffentlicht 14.10.2025 20:27:54
  • Zuletzt bearbeitet 28.04.2026 15:39:42

Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Incorrect Authorization vulnerability. An attacker could leverage this vulnerability to bypass security measures and gain unautho...

8.1

CVE-2025-54264

  • EPSS 0.09%
  • Veröffentlicht 14.10.2025 20:27:53
  • Zuletzt bearbeitet 20.10.2025 13:47:24

Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by a stored Cross-Site Scripting (XSS) Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to i...