VIR Vulnerability Intelligence Relay

Package impact

php Packagist / magento/community-edition

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2025-54236 critical 9.1 10.0 9mo ago Adobe Commerce and Magento Open Source contain an improper input validation vulnerability that could allow an attacker to take over customer accounts through the Commerce REST API. php
CVE-2024-34102 unknown 1.5 2y ago Adobe Commerce and Magento Open Source contain an improper restriction of XML external entity reference (XXE) vulnerability that allows for remote code execution. php
CVE-2022-24086 unknown 1.5 4y ago Adobe Commerce and Magento Open Source contain an improper input validation vulnerability which can allow for arbitrary code execution. php