Latest CVE Vulnerabilities

6.2 MEDIUM

CVE-2026-34671 — CAI Content Credentials | Integer Overflow or Wraparound (CWE-190)

CAI Content Credentials versions 0.78.2, 0.7.0 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in an application denial-of-service. An attacker could exp…

| Denial of Service

May 12, 2026 May 12, 2026

May 12, 2026

6.2 MEDIUM

CVE-2026-34670 — CAI Content Credentials | Improper Input Validation (CWE-20)

CAI Content Credentials versions 0.78.2, 0.7.0 and earlier are affected by an Improper Input Validation vulnerability that could result in an application denial-of-service. An attacker could exploit …

| Denial of Service

May 12, 2026 May 12, 2026

May 12, 2026

6.2 MEDIUM

CVE-2026-34669 — CAI Content Credentials | Improper Input Validation (CWE-20)

CAI Content Credentials versions 0.78.2, 0.7.0 and earlier are affected by an Improper Input Validation vulnerability that could result in an application denial-of-service. An attacker could exploit …

| Denial of Service

May 12, 2026 May 12, 2026

May 12, 2026

6.2 MEDIUM

CVE-2026-34668 — CAI Content Credentials | Improper Input Validation (CWE-20)

CAI Content Credentials versions 0.78.2, 0.7.0 and earlier are affected by an Improper Input Validation vulnerability that could result in an application denial-of-service. An attacker could exploit …

| Denial of Service

May 12, 2026 May 12, 2026

May 12, 2026

6.2 MEDIUM

CVE-2026-34667 — CAI Content Credentials | Integer Underflow (Wrap or Wraparound) (CWE-191)

CAI Content Credentials versions 0.78.2, 0.7.0 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in an application denial-of-service. An attacker c…

| Denial of Service

May 12, 2026 May 12, 2026

May 12, 2026

6.2 MEDIUM

CVE-2026-34666 — CAI Content Credentials | Improper Input Validation (CWE-20)

CAI Content Credentials versions 0.78.2, 0.7.0 and earlier are affected by an Improper Input Validation vulnerability that could result in an application denial-of-service. An attacker could exploit …

| Denial of Service

May 12, 2026 May 12, 2026

May 12, 2026

7.5 HIGH

CVE-2026-34665 — CAI Content Credentials | Uncontrolled Resource Consumption (CWE-400)

CAI Content Credentials versions 0.78.2, 0.7.0 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application denial-of-service. An attacker could explo…

Remote | Denial of Service

May 12, 2026 May 12, 2026

May 12, 2026

4.8 MEDIUM

CVE-2026-34658 — Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-p…

Remote | Cross-Site Scripting

May 12, 2026 May 12, 2026

May 12, 2026

4.3 MEDIUM

CVE-2026-34656 — Adobe Commerce | Improper Authorization (CWE-285)

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature by…

Remote | Authorization

May 12, 2026 May 12, 2026

May 12, 2026

4.8 MEDIUM

CVE-2026-34655 — Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-p…

Remote | Cross-Site Scripting

May 12, 2026 May 12, 2026

May 12, 2026

5.3 MEDIUM

CVE-2026-34654 — Adobe Commerce | Dependency on Vulnerable Third-Party Component (CWE-1395)

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a Dependency on Vulnerable Third-Party Component vulnerability that could result i…

Remote | Denial of Service

May 12, 2026 May 12, 2026

May 12, 2026

8.7 HIGH

CVE-2026-34653 — Adobe Commerce | Improper Limitation of a Pathname to a Restricted Directory ('Path Trave…

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') …

Remote | Path Traversal

May 12, 2026 May 12, 2026

May 12, 2026

7.5 HIGH

CVE-2026-34652 — Adobe Commerce | Dependency on Vulnerable Third-Party Component (CWE-1395)

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a Dependency on Vulnerable Third-Party Component vulnerability that could result i…

Remote | Supply Chain

May 12, 2026 May 12, 2026

May 12, 2026

7.5 HIGH

CVE-2026-34651 — Adobe Commerce | Uncontrolled Resource Consumption (CWE-400)

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application …

Remote | Denial of Service

May 12, 2026 May 12, 2026

May 12, 2026

7.5 HIGH

CVE-2026-34650 — Adobe Commerce | Uncontrolled Resource Consumption (CWE-400)

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application …

Remote | Denial of Service

May 12, 2026 May 12, 2026

May 12, 2026

7.5 HIGH

CVE-2026-34649 — Adobe Commerce | Uncontrolled Resource Consumption (CWE-400)

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application …

Remote | Denial of Service

May 12, 2026 May 12, 2026

May 12, 2026

7.5 HIGH

CVE-2026-34648 — Adobe Commerce | Uncontrolled Resource Consumption (CWE-400)

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application …

Remote | Denial of Service

May 12, 2026 May 12, 2026

May 12, 2026

7.4 HIGH

CVE-2026-34647 — Adobe Commerce | Server-Side Request Forgery (SSRF) (CWE-918)

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could result in a Security…

Remote | Server-Side Request Forgery

May 12, 2026 May 12, 2026

May 12, 2026

7.5 HIGH

CVE-2026-34646 — Adobe Commerce | Incorrect Authorization (CWE-863)

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature b…

Remote | Authorization

May 12, 2026 May 12, 2026

May 12, 2026

7.5 HIGH

CVE-2026-34645 — Adobe Commerce | Incorrect Authorization (CWE-863)

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature b…

Remote | Authorization

May 12, 2026 May 12, 2026

May 12, 2026

Browse by Apps

Latest CVE Feed

Cookie Preferences