Lucene search
+L

245 matches found

RedhatCVE
RedhatCVE
added 2026/05/13 8:22 p.m.16 views

CVE-2026-34645

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain...

7.5CVSS5.8AI score0.00561EPSS
Exploits0References1
Snyk
Snyk
added 2026/05/13 3:29 p.m.6 views

Access Control Bypass

Overview Affected versions of this package are vulnerable to Access Control Bypass in the handling of internal service references by the Gateway API provider. An attacker can gain unauthorized dynamic configuration write access by creating or updating an HTTPRoute that targets rest@internal, even...

9.9CVSS5.8AI score0.00468EPSS
Exploits1References2
EUVD
EUVD
added 2026/05/12 9:31 p.m.16 views

EUVD-2026-29780

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier NEEDS REVIEW: impact mismatch — ticket says 'Arbitrary file system write', CIA triad derives 'Security Feature Bypass'. Verify CVSS vector before publishing. are affected by an Improper Input...

3.4CVSS5.8AI score0.00373EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/12 9:31 p.m.14 views

EUVD-2026-29765

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain...

4.3CVSS5.8AI score0.00393EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/12 9:31 p.m.20 views

EUVD-2026-29755

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain...

7.5CVSS5.8AI score0.00411EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/12 9:31 p.m.21 views

EUVD-2026-29754

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain...

7.5CVSS5.8AI score0.00561EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/12 9:20 p.m.8 views

Incorrect Authorization

Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Incorrect Authorization in the authorization process. An attacker can gain unauthorized write access by bypassing security measures. Remediation Upgrade...

8.7CVSS5.8AI score0.00561EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/12 9:20 p.m.9 views

Incorrect Authorization

Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Incorrect Authorization via the authorization process. An attacker can gain unauthorized write access by bypassing security measures. Remediation Upgrade...

8.7CVSS5.8AI score0.00411EPSS
Exploits0References2
NVD
NVD
added 2026/05/12 8:16 p.m.14 views

CVE-2026-34685

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A high-privileged attacker could leverage this vulnerability to bypass security measures...

3.4CVSS0.00373EPSS
Exploits0References1
NVD
NVD
added 2026/05/12 8:16 p.m.9 views

CVE-2026-34646

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain...

7.5CVSS0.00411EPSS
Exploits0References1
NVD
NVD
added 2026/05/12 8:16 p.m.10 views

CVE-2026-34645

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain...

7.5CVSS0.00561EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/12 7:50 p.m.9 views

CVE-2026-34656 Adobe Commerce | Improper Authorization (CWE-285)

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain...

4.3CVSS5.8AI score0.00393EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/12 7:50 p.m.40 views

CVE-2026-34656 Adobe Commerce | Improper Authorization (CWE-285)

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain...

4.3CVSS0.00393EPSS
Exploits0References1
CVE
CVE
added 2026/05/12 7:50 p.m.35 views

CVE-2026-34656

Adobe Commerce is affected by an Improper Authorization (CWE-285) vulnerability (CVE-2026-34656) impacting versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier. The issue could bypass security features and grant unauthorized write access. Exploitation requires use...

4.3CVSS5.8AI score0.00393EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/05/12 7:50 p.m.4 views

CVE-2026-34656 Adobe Commerce | Improper Authorization (CWE-285)

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain...

4.3CVSS6AI score0.00393EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/12 7:50 p.m.7 views

CVE-2026-34685 Adobe Commerce | Improper Input Validation (CWE-20)

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A high-privileged attacker could leverage this vulnerability to bypass security measures...

3.4CVSS6.1AI score0.00373EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/12 7:50 p.m.11 views

CVE-2026-34685

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A high-privileged attacker could leverage this vulnerability to bypass security measures...

3.4CVSS6.1AI score0.00373EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/12 7:50 p.m.38 views

CVE-2026-34685 Adobe Commerce | Improper Input Validation (CWE-20)

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A high-privileged attacker could leverage this vulnerability to bypass security measures...

3.4CVSS0.00373EPSS
Exploits0References1
CVE
CVE
added 2026/05/12 7:50 p.m.32 views

CVE-2026-34685

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A high-privileged attacker could bypass security measures and gain unauthorized write acc...

3.4CVSS6.1AI score0.00373EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/12 7:50 p.m.9 views

CVE-2026-34645

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain...

7.5CVSS5.8AI score0.00561EPSS
Exploits0References2
Rows per page
Query Builder