Advanced Threat Data Export

Filter and download the raw CVE repository (CSV/JSON) for SIEM integration and internal reporting.

Vulnerability Keyword

Date Range

Severity

Format

Upgrade Package

Data export is locked. Upgrade your package to enable filtering and downloading.

← Back to CVE List

CVE-2025-54236NVD

Description

Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Improper Input Validation vulnerability. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality, and integrity impact to high. Exploitation of this issue does not require user interaction.

Severity Level

CRITICAL (9.1)

Published Date

09/09/2025

Last Modified

11/05/2026

Exploitation Status

ACTIVE

References

https://helpx.adobe.com/security/products/magento/apsb25-88.html
https://experienceleague.adobe.com/en/docs/experience-cloud-kcs/kbarticles/ka-27397
https://nullsecurityx.codes/cve-2025-54236-sessionreaper-unauthenticated-rce-in-magento
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-54236