Loading
Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Improper Input Validation vulnerability. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality, and integrity impact to high. Exploitation of this issue does not require user interaction.
Use CWE-20, Adobe vendor hub and Commerce product page to widen CVE-2025-54236 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2026-21361, CVE-2026-21311 and CVE-2026-21309 for nearby disclosures in the same product family.