EUVD-2025-24449

Malicious code in bioql PyPI...

CVE-2025-49556

Adobe Commerce versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain...

CVE-2025-49554

Adobe Commerce versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by an Improper Input Validation vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability by providing specially crafted input,...

CVE-2025-49559 Adobe Commerce | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22)

Adobe Commerce versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could result in a security feature bypass. An attacker could leverage this...

PT-2025-32868 · Adobe · Commerce

Name of the Vulnerable Software and Affected Versions: Adobe Commerce versions 2.4.9-alpha1 through 2.4.4-p14 Description: Adobe Commerce is affected by an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' issue, which could bypass a security feature. An attacker could...

PT-2025-32864 · Adobe · Commerce

Name of the Vulnerable Software and Affected Versions: Adobe Commerce versions 2.4.9-alpha1 through 2.4.4-p14 Description: Adobe Commerce is affected by a Cross-Site Request Forgery CSRF vulnerability that could result in privilege escalation. An attacker with elevated privileges could trick a...