THREAT OPS › CVEs › CVE-2025-54236
CVE-2025-54236 — Adobe Commerce and Magento Improper Input Validation Vulnerability
Adobe Commerce and Magento Open Source contain an improper input validation vulnerability that could allow an attacker to take over customer accounts through the Commerce REST API.
Vulnerability details
- Affected productsCommerce and Magento
- KEV remediation due2025-11-14