THREATOPS
THREAT OPSCVEs › CVE-2025-54236

CVE-2025-54236 — Adobe Commerce and Magento Improper Input Validation Vulnerability

CISA KEVExploited: confirmedAdobe

Adobe Commerce and Magento Open Source contain an improper input validation vulnerability that could allow an attacker to take over customer accounts through the Commerce REST API.

Vulnerability details