CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2958 matches found

EUVD•added 2026/05/12 9:31 p.m.•15 views

EUVD-2026-29764

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may...

4.8CVSS5.8AI score0.00368EPSS

Exploits0References2

Snyk•added 2026/05/12 9:20 p.m.•9 views

Cross-site Scripting (XSS)

Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the vulnerable form fields. An attacker can execute arbitrary JavaScript in the context of another user's browser by injecting malicious script...

4.8CVSS5.8AI score0.00368EPSS

Exploits0References2

Snyk•added 2026/05/12 9:20 p.m.•11 views

Cross-site Scripting (XSS)

Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the form fields. An attacker can execute arbitrary JavaScript in the context of a victim's browser by injecting malicious scripts, potentially...

8.7CVSS5.8AI score0.00402EPSS

Exploits0References2

Snyk•added 2026/05/12 9:20 p.m.•9 views

Cross-site Scripting (XSS)

Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the form fields process. An attacker can execute arbitrary JavaScript in the context of another user's browser session by injecting malicious...

4.8CVSS5.8AI score0.00274EPSS

Exploits0References2

NVD•added 2026/05/12 8:16 p.m.•10 views

CVE-2026-34655

4.8CVSS0.00368EPSS

Exploits0References1

NVD•added 2026/05/12 8:16 p.m.•6 views

CVE-2026-34658

4.8CVSS0.00274EPSS

Exploits0References1

CVE•added 2026/05/12 7:50 p.m.•13 views

CVE-2026-34658

Summary: Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious Jav...

4.8CVSS5.8AI score0.00274EPSS

Exploits0References1Affected Software1

ATTACKERKB•added 2026/05/12 7:50 p.m.•10 views

CVE-2026-34658

4.8CVSS5.8AI score0.00274EPSS

Exploits0References2

Cvelist•added 2026/05/12 7:50 p.m.•31 views

CVE-2026-34658 Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79)

4.8CVSS0.00274EPSS

Exploits0References1

ATTACKERKB•added 2026/05/12 7:50 p.m.•5 views

CVE-2026-34686

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may ...

8.7CVSS5.8AI score0.00402EPSS

Exploits0References2

CVE•added 2026/05/12 7:50 p.m.•21 views

CVE-2026-34686

Adobe Commerce (Magento) versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a stored cross-site scripting (XSS) vulnerability. A low-privilege attacker can abuse vulnerable form fields to inject malicious scripts, which may execute in a victim’s ...

8.7CVSS5.8AI score0.00402EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2026/05/12 7:50 p.m.•13 views

CVE-2026-34686 Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may ...

8.7CVSS5.8AI score0.00402EPSS

Exploits0References1

Cvelist•added 2026/05/12 7:50 p.m.•32 views

CVE-2026-34655 Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79)

4.8CVSS0.00368EPSS

Exploits0References1

Vulnrichment•added 2026/05/12 7:50 p.m.•7 views

CVE-2026-34655 Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79)

4.8CVSS5.8AI score0.00368EPSS

Exploits0References1

CVE•added 2026/05/12 7:50 p.m.•19 views

CVE-2026-34655

Adobe Commerce is affected by a stored XSS vulnerability (CVE-2026-34655) in versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier. The issue allows a high-privileged attacker to inject malicious scripts into vulnerable form fields, potentially executing JavaScript...

4.8CVSS5.8AI score0.00368EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2026/05/12 12:0 a.m.•10 views

PT-2026-40417

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may ...

8.7CVSS5.8AI score0.00402EPSS

Exploits0References2

Positive Technologies•added 2026/05/12 12:0 a.m.•8 views

PT-2026-40400

4.8CVSS5.8AI score0.00368EPSS

Exploits0References2

CNNVD•added 2026/05/12 12:0 a.m.•9 views

Adobe Commerce 跨站脚本漏洞

Adobe Commerce is a leading global digital business solution for businesses and brands offered by Adobe in the United States. Adobe Commerce has a cross-site scripting vulnerability, which stems from a storage-based cross-site scripting issue. This vulnerability could allow high-privilege attacke...

4.8CVSS5.6AI score0.00274EPSS

Exploits0References1

CNNVD•added 2026/05/12 12:0 a.m.•9 views

Adobe Commerce 跨站脚本漏洞

4.8CVSS5.6AI score0.00368EPSS

Exploits0References1

Positive Technologies•added 2026/05/12 12:0 a.m.•9 views

PT-2026-40402

4.8CVSS5.8AI score0.00274EPSS

Exploits0References2

Rows per page