Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2026/03/26 3:12 p.m.4 views

CVE-2026-21282

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by an Improper Input Validation vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability by providing specially crafted input,...

5.3CVSS5.8AI score0.00524EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:12 p.m.4 views

CVE-2026-21292

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker attacker to inject malicious scripts into vulnerable form fields. Exploitation of...

5.4CVSS5.8AI score0.00255EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:12 p.m.3 views

CVE-2026-21285

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures an...

4.3CVSS5.8AI score0.00255EPSS
Exploits0References1
OSV
OSV
added 2026/03/11 3:15 a.m.4 views

CVE-2026-21286

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain limited...

5.3CVSS5.8AI score
Exploits0References1
EUVD
EUVD
added 2026/03/11 2:19 a.m.4 views

EUVD-2026-11038

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript ma...

8.1CVSS5.7AI score0.00382EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/11 2:19 a.m.5 views

CVE-2026-21309

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain...

7.5CVSS5.8AI score0.0056EPSS
Exploits0References2
CVE
CVE
added 2026/03/11 2:19 a.m.17 views

CVE-2026-21295

Adobe Commerce is affected by a URL Redirection to Untrusted Site (Open Redirect) vulnerability (CVE-2026-21295). Affected versions include 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier. The underlying issue allows an attacker to redirect users to malicious website...

3.1CVSS5.8AI score0.00233EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder