|
1611
|
7.5 |
HIGH
Network
|
-
|
-
|
Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a Dependency on Vulnerable Third-Party Component vulnerability that could result i…
|
-
|
CVE-2026-34652
|
2026-05-13 23:49 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1612
|
8.7 |
HIGH
Network
|
-
|
-
|
Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') …
|
CWE-22
Path Traversal
|
CVE-2026-34653
|
2026-05-13 23:49 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1613
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a Dependency on Vulnerable Third-Party Component vulnerability that could result i…
|
-
|
CVE-2026-34654
|
2026-05-13 23:49 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1614
|
4.8 |
MEDIUM
Network
|
-
|
-
|
Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-p…
|
CWE-79
Cross-site Scripting
|
CVE-2026-34655
|
2026-05-13 23:49 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1615
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature by…
|
CWE-285
Improper Authorization
|
CVE-2026-34656
|
2026-05-13 23:49 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1616
|
4.8 |
MEDIUM
Network
|
-
|
-
|
Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-p…
|
CWE-79
Cross-site Scripting
|
CVE-2026-34658
|
2026-05-13 23:49 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1617
|
3.4 |
LOW
Network
|
-
|
-
|
Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier [NEEDS REVIEW: impact mismatch — ticket says 'Arbitrary file system write', CIA triad derives 'Sec…
|
CWE-20
Improper Input Validation
|
CVE-2026-34685
|
2026-05-13 23:49 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1618
|
- |
|
-
|
-
|
Improper enforcement of the LFENCE serialization property may allow an attacker to bypass speculation barriers and potentially disclose sensitive information, potentially resulting in loss of confide…
|
CWE-693
Protection Mechanism Failure
|
CVE-2024-36315
|
2026-05-13 23:49 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1619
|
- |
|
-
|
-
|
Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to modify MMIO routing configurations, potentially resulting in loss of SEV-SNP guest integrity.
|
CWE-1233
Security-Sensitive Hardware Controls with Missing Lock Bit Protection
|
CVE-2025-61971
|
2026-05-13 23:49 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1620
|
- |
|
-
|
-
|
Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to gain arbitrary System Management Network (SMN) access, potentially resulting in arbitrary code executio…
|
CWE-1233
Security-Sensitive Hardware Controls with Missing Lock Bit Protection
|
CVE-2025-61972
|
2026-05-13 23:49 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
