Incorrect Authorization Vulnerability in Adobe Commerce
CVE-2026-47997
5.9MEDIUM
Key Information:
- Vendor
Adobe
- Vendor
- CVE Published:
- 14 July 2026
What is CVE-2026-47997?
Adobe Commerce has a vulnerability characterized by incorrect authorization that could enable an unauthorized user to bypass established security mechanisms. This could lead to unauthorized read access to sensitive information without requiring any user interaction. Exploiting this vulnerability relies on specific conditions that may be outside the attacker's control, highlighting the need for vigilance in security practices.
Affected Version(s)
Adobe Commerce 0 <= 2.4.9, 2.4.8-p5, 2.4.7-p10, 2.4.6-p15, 2.4.5-p17, 2.4.4-p18
Adobe Commerce 0 <= 2.4.9, 2.4.8-p5, 2.4.7-p10, 2.4.6-p15, 2.4.5-p17, 2.4.4-p18
Adobe Commerce B2B 0 <= 1.5.3, 1.5.2-p5, 1.4.2-p10, 1.3.4-p17, 1.3.3-p18