CVE-2025-54236 – Adobe Commerce/Magento
CVSS 9.1
CRITICAL
“When your storefront is under attack, every transaction becomes a risk.”
Adobe has released a critical security patch for CVE-2025-54236 affecting Adobe Commerce. This vulnerability impacts core eCommerce functionality and could allow attackers to compromise online stores, manipulate transactions, or access sensitive customer and payment data. The CVSS score is 9.1, which is Critical severity.
Active exploitation has been confirmed, making this an urgent threat for any organization running affected versions. Attackers can leverage this weakness to target revenue streams directly, disrupt operations, and damage customer trust.
Key Details
- Affected Product
- Adobe Commerce
- Attack Vector
- Network
- Attack Complexity
- Low
- Privileges Required
- None
- User Interaction
- None
- CWE Classification
- CWE-20
Patch this CVE on all your endpoints in under 5 minutes.
First 200 endpoints are free forever, scale as needed.