
Adobe Commerce B2b: Adobe Commerce | Improper Access Control (CWE-284)

Risk 31 | Severity 8.1 | EPSS 0.04%
First published (updated )

Adobe Commerce: Adobe Commerce | Incorrect Authorization (CWE-863)

Risk 33 | Severity 8.8 | EPSS 0.05%
First published (updated )

Adobe Commerce B2b: Adobe Commerce | Improper Access Control (CWE-284)

Risk 43 | Severity 8.1 | EPSS 0.04%
First published (updated )

Adobe Commerce: Adobe Commerce | Incorrect Authorization (CWE-863)

Risk 27 | Severity 8.8 | EPSS 0.05%
First published (updated )

Adobe Commerce B2b: Adobe Commerce | Incorrect Authorization (CWE-863)

Risk 37 | Severity 8.1 | EPSS 0.04%
First published (updated )

Adobe Commerce B2b: Adobe Commerce | Improper Access Control (CWE-284)

Risk 25 | Severity 8.1 | EPSS 0.04%
First published (updated )

Adobe Commerce: Adobe Commerce | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22)

Risk 31 | Severity 7.5 | EPSS 0.04%
First published (updated )

Adobe Commerce: Adobe Commerce | Improper Access Control (CWE-284)

Risk 43 | Severity 8.1 | EPSS 0.04%
First published (updated )

Adobe Commerce B2b: Adobe Commerce | Improper Access Control (CWE-284)

Risk 31 | Severity 8.1 | EPSS 0.04%
First published (updated )

Adobe Commerce: Adobe Commerce | Server-Side Request Forgery (SSRF) (CWE-918)

Risk 31 | Severity 7.7 | EPSS 0.09%
First published (updated )

Adobe Commerce: Adobe Commerce | Improper Input Validation (CWE-20)

Risk 49 | Severity 7.6
First published (updated )

Adobe Commerce: Adobe Commerce | Cross-site Scripting (XSS) (CWE-79)

Risk 56 | Severity 8.1
First published (updated )

Adobe Commerce: Adobe Commerce | Improper Authentication (CWE-287)

Risk 79 | Severity 8.8
First published (updated )

Adobe Commerce: Stored XSS through Webhook module public key configuration

Risk 49 | Severity 7.6
First published (updated )

Adobe Commerce: [Paris] Path Traversal lead to local file read

Risk 44 | Severity 7.7
First published (updated )

Adobe Commerce: OTP 2FA can be bruteforced

Risk 56 | Severity 7.4
First published (updated )

Adobe Commerce: Adobe Commerce | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78)

Risk 66 | Severity 8.4
First published (updated )

Adobe Commerce: Adobe Commerce | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78)

Risk 66 | Severity 8.4
First published (updated )

Adobe Commerce: Adobe Commerce | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22)

Risk 45 | Severity 7.7
First published (updated )

Adobe Commerce: DOM XSS through integrations can impact other admins

Risk 54 | Severity 8.1
First published (updated )

Adobe Commerce: Customer account takeover via web API call & subsequent password reset

Risk 78 | Severity 8.1
First published (updated )

Adobe Commerce: Adobe Commerce | Improper Input Validation (CWE-20)

Risk 66 | Severity 7.2
First published (updated )

Adobe Commerce: RCE in the Adobe Commerce Webhook module through a legit webhook definition

Risk 66 | Severity 7.2
First published (updated )

Adobe Commerce: SSRF in service connector

Risk 82 | Severity 8.8
First published (updated )

Adobe Commerce: Adobe Commerce | Improper Authorization (CWE-285)

Risk 57 | Severity 8.2
First published (updated )

Adobe Commerce: Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79)

Risk 54 | Severity 8.1
First published (updated )

Adobe Commerce: Input Validation

Risk 79 | Severity 8.8
First published (updated )

Adobe Commerce: Validate Your Inputs | Cross-site Scripting (Stored XSS) (CWE-79) - Customer to Admin stored XSS with Gift wrapping

Risk 61 | Severity 8.7
First published (updated )

Adobe Commerce: Full page cache enumeration via cookie X-Magento-Vary

Risk 43 | Severity 7.5
First published (updated )

Adobe Commerce: Adobe Commerce | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') (CWE-89)

Risk 65 | Severity 8
First published (updated )

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203