Vulnerability Database
296,748
Total vulnerabilities in the database
CVE-2025-54236
Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact to high. Exploitation of this issue does not require user interaction.
| Software | From | Fixed in |
|---|---|---|
magento / community-edition
|
- | 2.4.5-p14.x |
|
magento / community-edition
|
2.4.6 | 2.4.6.x |
|
magento / community-edition
|
2.4.6-p1 | 2.4.6-p12.x |
|
magento / community-edition
|
2.4.5 | 2.4.5.x |
|
magento / community-edition
|
2.4.9-alpha1 | 2.4.9-alpha2.x |
|
magento / community-edition
|
2.4.7 | 2.4.7.x |
|
magento / community-edition
|
2.4.8 | 2.4.8.x |
|
magento / community-edition
|
2.4.7-beta1 | 2.4.7-p7.x |
|
magento / community-edition
|
2.4.8-beta1 | 2.4.8-p2.x |
|
magento / community-edition
|
2.4.9 | 2.4.9.x |
|
magento / project-community-edition
|
- | 2.0.2.x |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime