magento/community-edition vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2025-54265Mediummagento/community-edition: Magento allows incorrect authorizationCVE-2025-54263Highmagento/community-edition: Magento provides incorrect authorization through a security feature bypassCVE-2025-54267Mediummagento/project-community-edition: Magento vulnerable to privilege escalation due to incorrect authorizationCVE-2025-54266Mediummagento/project-community-edition: Magento vulnerable to stored Cross-Site Scripting (XSS)CVE-2025-54264Highmagento/project-community-edition: Magento vulnerable to stored Cross-Site Scripting (XSS)CVE-2025-54236Criticalmagento/community-edition: Magento Community Edition Improper Input Validation vulnerabilityCVE-2025-49554Highmagento/project-community-edition: Magento vulnerable to denial of serviceCVE-2025-49559Mediummagento/project-community-edition: Magento vulnerable to path traversalCVE-2025-49557Highmagento/community-edition: Magento Cross-site Scripting vulnerabilityCVE-2025-49556Highmagento/project-community-edition: Magento has incorrect authorization issue that leads to arbitrary file system readCVE-2025-49558Mediummagento/project-community-edition: Magento Time-of-check Time-of-use (TOCTOU) Race Condition vulnerabilityCVE-2025-49555Highmagento/project-community-edition: Magento Cross-Site Request Forgery (CSRF) vulnerabilityCVE-2025-49550Mediummagento/project-community-edition: Magento Security feature bypassCVE-2025-49549Lowmagento/project-community-edition: Magento Authenticated Security feature bypassCVE-2025-43585Highmagento/project-community-edition: Magento Improper Authorization leading to security feature bypassCVE-2025-47110Criticalmagento/community-edition: Magneto contains stored XSS vulnerabilityCVE-2025-27206Mediummagento/project-community-edition: Magento Improper Access Control leads to security feature bypassCVE-2025-27191Mediummagento/project-community-edition: Magento Improper Access Control leads to Security feature bypassCVE-2025-27188Mediummagento/community-edition: Magento Improper Authorization vulnerabilityCVE-2025-27190Mediummagento/project-community-edition: Magento Improper Access Control leads to Security feature bypassCVE-2025-27192Lowmagento/project-community-edition: Magento does not properly protect credentialsCVE-2025-24434Criticalmagento/community-edition: Improper Authorization vulnerability in Magento and Adobe CommerceCVE-2025-24437Mediummagento/community-edition: Magento Improper Access Control vulnerabilityCVE-2025-24436Mediummagento/community-edition: Magento Improper Access Control vulnerabilityCVE-2025-24435Mediummagento/community-edition: Magento Improper Access Control vulnerability

Stop the waste.
Protect your environment with Kodem.