CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7 matches found

CVE-2026-47741

Shopper is a Headless e-commerce Admin Panel. Prior to 2.8.0, CreateOrderFromCartAction::execute previously created the Order row before checking and incrementing the discount's totaluse counter. Under concurrent checkout pressure Black Friday, flash sale, viral coupon, the global usagelimit was...

5.9CVSS5.5AI score0.00032EPSS

Exploits0References1

Cvelist•added 2026/05/29 6:2 p.m.•27 views

CVE-2026-47741 Shopper: Race condition on Discount.usage_limit allows silent over-redemption

5.9CVSS0.00032EPSS

Exploits0References3

ATTACKERKB•added 2026/05/29 6:2 p.m.•6 views

CVE-2026-47741

5.9CVSS5.8AI score0.00032EPSS

Exploits0References4Affected Software1

Vulnrichment•added 2026/05/29 6:2 p.m.•9 views

CVE-2026-47741 Shopper: Race condition on Discount.usage_limit allows silent over-redemption

5.9CVSS5.8AI score0.00032EPSS

Exploits0References3

EUVD•added 2026/05/29 6:2 p.m.•7 views

EUVD-2026-33409

5.9CVSS5.8AI score0.00032EPSS

Exploits0References3

CVE•added 2026/05/29 6:2 p.m.•9 views

CVE-2026-47741

CVE-2026-47741 affects Shopper, a Headless e-commerce Admin Panel. Before 2.8.0, CreateOrderFromCartAction::execute created the Order row before incrementing the discount’s total_use, allowing a race condition under concurrent checkout that silently exceeded the global usage_limit and applied the...

5.9CVSS5.8AI score0.00032EPSS

Exploits0References3

Positive Technologies•added 2026/05/29 12:0 a.m.•6 views

PT-2026-44942

Shopper is a Headless e-commerce Admin Panel. Prior to 2.8.0, CreateOrderFromCartAction::execute previously created the Order row before checking and incrementing the discount's total use counter. Under concurrent checkout pressure Black Friday, flash sale, viral coupon, the global usage limit wa...

5.9CVSS5.8AI score0.00032EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by