Authorization Bypass Vulnerability in Akilli Commerce E-Commerce Software
CVE-2026-2347

9.8 CRITICAL

What is CVE-2026-2347?

CVE-2026-2347 is an authorization bypass through a user-controlled key in Akilli Commerce's E-Commerce Website that allows unauthorized access. Attackers can exploit the flaw to hijack user sessions, potentially leading to unauthorized transactions and the compromise of sensitive customer information. It affects all versions before 4.5.001, so affected installations should be updated immediately.

Affected Version(s)

E-Commerce Website 0 < 4.5.001

CVSS V3.1

Score: 9.8
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Ferit ÖZNER