Incorrect Authorization Vulnerability in Adobe Commerce
CVE-2026-47996
7.6HIGH
Key Information:
- Vendor
Adobe
- Vendor
- CVE Published:
- 14 July 2026
What is CVE-2026-47996?
Adobe Commerce is impacted by a vulnerability that allows high-privileged attackers to bypass essential security features. This incorrect authorization flaw can potentially grant unauthorized access to sensitive information, making it crucial for users to address the risk. The issue is particularly concerning as exploitation does not necessitate any user interaction, emphasizing the importance of prompt security measures.
Affected Version(s)
Adobe Commerce 0 <= 2.4.9, 2.4.8-p5, 2.4.7-p10, 2.4.6-p15, 2.4.5-p17, 2.4.4-p18
Adobe Commerce 0 <= 2.4.9, 2.4.8-p5, 2.4.7-p10, 2.4.6-p15, 2.4.5-p17, 2.4.4-p18
Adobe Commerce B2B 0 <= 1.5.3, 1.5.2-p5, 1.4.2-p10, 1.3.4-p17, 1.3.3-p18