CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10257 matches found

EUVD•added 2026/03/11 2:19 a.m.•5 views

EUVD-2026-11045

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may...

8.7CVSS5.7AI score0.00452EPSS

Exploits0References1

CVE•added 2026/03/11 2:19 a.m.•13 views

CVE-2026-21290

Adobe Commerce is affected by a stored Cross-Site Scripting (XSS) vulnerability (CVE-2026-21290) in multiple older 2.4.x releases (2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier). The issue allows a low-privileged attacker to inject malicious scripts into vulnerable...

8.7CVSS5.7AI score0.00452EPSS

Exploits0References1Affected Software1

ATTACKERKB•added 2026/03/11 2:19 a.m.•3 views

CVE-2026-21361

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by a stored Cross-Site Scripting XSS vvulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript m...

8.1CVSS5.7AI score0.00445EPSS

Exploits0References2

Vulnrichment•added 2026/03/11 2:19 a.m.•2 views

CVE-2026-21361 Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79)

8.1CVSS5.7AI score0.00445EPSS

Exploits0References1

EUVD•added 2026/03/11 2:19 a.m.•6 views

EUVD-2026-11071

8.1CVSS5.7AI score0.00445EPSS

Exploits0References1

Cvelist•added 2026/03/11 2:19 a.m.•36 views

CVE-2026-21361 Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79)

8.1CVSS0.00445EPSS

Exploits0References1

EUVD•added 2026/03/11 2:19 a.m.•4 views

EUVD-2026-11065

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript ma...

8CVSS5.7AI score0.00304EPSS

Exploits0References1

Vulnrichment•added 2026/03/11 2:19 a.m.•4 views

CVE-2026-21311 Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript ma...

8CVSS5.7AI score0.00304EPSS

Exploits0References1

ATTACKERKB•added 2026/03/11 2:19 a.m.•2 views

CVE-2026-21311

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript ma...

8CVSS5.7AI score0.00304EPSS

Exploits0References2

CVE•added 2026/03/11 2:19 a.m.•19 views

CVE-2026-21311

Adobe Commerce (Magento) versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by a stored XSS (CWE-79) in vulnerable form fields. A high-privileged attacker can inject JavaScript that is executed in a victim’s browser when they visit the affected pag...

8CVSS5.7AI score0.00304EPSS

Exploits0References1Affected Software1

OSV•added 2026/03/11 1:16 a.m.•5 views

CVE-2026-27264

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

5.4CVSS5.7AI score0.0003EPSS

Exploits0References1

OSV•added 2026/03/11 1:16 a.m.•2 views

CVE-2026-27266

5.4CVSS5.7AI score

Exploits0References1

OSV•added 2026/03/11 1:16 a.m.•3 views

CVE-2026-27265

5.4CVSS5.7AI score

Exploits0References1

OSV•added 2026/03/11 1:16 a.m.•3 views

CVE-2026-27262

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

5.4CVSS5.7AI score

Exploits0References1

OSV•added 2026/03/11 1:16 a.m.•3 views

CVE-2026-27263

5.4CVSS5.7AI score0.0003EPSS

Exploits0References1