Saleor Vulnerabilities

Information Disclosure Vulnerability in Saleor E-commerce Platform

CVE-2026-39851

SaleorSaleor5.3MEDIUM

Business Logic and Authorization Flaw in Saleor E-Commerce Platform

CVE-2026-35407

SaleorSaleor5.9MEDIUM

Resource Exhaustion Vulnerability in Saleor E-Commerce Platform

CVE-2026-35401

SaleorSaleor7.5HIGH

Query Batching Vulnerability in Saleor E-Commerce Platform

CVE-2026-33756

SaleorSaleor7.5HIGH

Insecure Direct Object Reference in Saleor E-Commerce Platform

CVE-2026-24136

SaleorSaleor8.7HIGH

File Upload Vulnerability in Saleor E-commerce Platform

CVE-2026-23499

SaleorSaleor8.5HIGH

Stored XSS Vulnerability in Saleor E-commerce Platform

CVE-2026-22849

SaleorSaleor7.2HIGH

Information Disclosure in Saleor E-commerce Platform

CVE-2025-58442

SaleorSaleor5.3MEDIUM

Empty String Bypass of Cross-Site Request Forgery (CSRF) Validation in Saleor Versions 3.10.0 to 3.19.19

CVE-2024-31205

SaleorSaleor4.2MEDIUM

Non-constant time HMAC comparison in Adyen plugin in Saleor

CVE-2023-32694

SaleorSaleor4.8MEDIUM

Saleor is vulnerable to staff-authenticated error message information disclosure vulnerability via Python exceptions

CVE-2023-26051

SaleorSaleor6.5MEDIUM

Saleor is vulnerable to unauthenticated information disclosure via Python exceptions

CVE-2023-26052

SaleorSaleor3.7LOW

Improper object type validation in saleor

CVE-2022-39275

SaleorSaleor👾🟡5.3MEDIUM

Incorrect Access Control in Saleor's GraphQL API

CVE-2019-1010304

SaleorSaleor5.3MEDIUM

saleor Saleor Vulnerabilities

Vulnerability Published:

Sort By:

8 April 2026

Information Disclosure Vulnerability in Saleor E-commerce Platform

Business Logic and Authorization Flaw in Saleor E-Commerce Platform

Resource Exhaustion Vulnerability in Saleor E-Commerce Platform

Query Batching Vulnerability in Saleor E-Commerce Platform

23 January 2026

Insecure Direct Object Reference in Saleor E-Commerce Platform

21 January 2026

File Upload Vulnerability in Saleor E-commerce Platform

Stored XSS Vulnerability in Saleor E-commerce Platform

9 September 2025

Information Disclosure in Saleor E-commerce Platform

8 April 2024

Empty String Bypass of Cross-Site Request Forgery (CSRF) Validation in Saleor Versions 3.10.0 to 3.19.19

25 May 2023

Non-constant time HMAC comparison in Adyen plugin in Saleor

2 March 2023

Saleor is vulnerable to staff-authenticated error message information disclosure vulnerability via Python exceptions

Saleor is vulnerable to unauthenticated information disclosure via Python exceptions

6 October 2022

Improper object type validation in saleor

15 July 2019

Incorrect Access Control in Saleor's GraphQL API