Incorrect Authorization Vulnerability in Adobe Commerce Products
CVE-2026-21286
5.3MEDIUM
What is CVE-2026-21286?
Adobe Commerce is impacted by an Incorrect Authorization vulnerability that allows attackers to bypass established security mechanisms and gain unauthorized view access to sensitive data. This flaw affects multiple versions of Adobe Commerce, enabling exploitation without user interaction, thus posing a significant risk to data integrity and user privacy.
Affected Version(s)
Adobe Commerce 0 <= 2.4.4-p16