Adobe Magento Commerce
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Adobe Magento Commerce.
By the Year
In 2025 there have been 0 vulnerabilities in Adobe Magento Commerce. Magento Commerce did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 1 | 5.30 |
| 2021 | 1 | 5.30 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Magento Commerce vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Adobe Magento Commerce Security Vulnerabilities
Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an Improper Access Control vulnerability
CVE-2022-35692
5.3 - Medium
- August 19, 2022
Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to leak minor information of another user's account detials. Exploitation of this issue does not require user interaction.
Magento versions 2.4.1 (and earlier)
CVE-2021-21012
5.3 - Medium
- January 13, 2021
Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to an insecure direct object vulnerability (IDOR) in the checkout module. Successful exploitation could lead to sensitive information disclosure.
Insecure Direct Object Reference / IDOR
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Adobe Magento Commerce or by Adobe? Click the Watch button to subscribe.
