Multiple vulnerabilities have been discovered in Adobe Commerce and Magento Open Source, the most severe of which could allow for remote code execution.
Adobe Commerce is a leading provider of cloud commerce innovation to merchants and brands across B2C and B2B industries.
Magento is a web-based e-commerce application written in PHP.
Successful exploitation of the most severe of these vulnerabilities could allow for remote code execution. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
More Stories
USN-7262-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...
crun-1.20-2.fc40
FEDORA-2025-166f075581 Packages in this update: crun-1.20-2.fc40 Update description: Security fix for GHSA-f42g-r5jj-qh4j Read More
crun-1.20-2.fc41
FEDORA-2025-46200d968d Packages in this update: crun-1.20-2.fc41 Update description: Security fix for GHSA-f42g-r5jj-qh4j Read More
USN-7259-3: GNU C Library vulnerability
USN-7259-1 fixed a vulnerability in GNU C Library. This update provides the corresponding update for Ubuntu 14.04 LTS. Original advisory...
USN-7259-2: GNU C Library vulnerability
USN-7259-1 fixed a vulnerability in GNU C Library. This update provides the corresponding update for Ubuntu 16.04 LTS. Original advisory...
USN-7261-1: Vim vulnerability
It was discovered that Vim incorrectly handled certain internal calls when scrolling a window. An attacker could possibly use this...