Incorrect Authorization in Adobe Commerce Exposes Security Features
CVE-2026-47998
5.9MEDIUM
Key Information:
- Vendor
Adobe
- Vendor
- CVE Published:
- 14 July 2026
What is CVE-2026-47998?
Adobe Commerce suffers from an Incorrect Authorization vulnerability, allowing attackers to bypass security measures and gain unauthorized read access. This issue can be exploited without the need for user interaction, relying on specific conditions that may be outside of the attacker's control, increasing the potential risk for users.
Affected Version(s)
Adobe Commerce 0 <= 2.4.9, 2.4.8-p5, 2.4.7-p10, 2.4.6-p15, 2.4.5-p17, 2.4.4-p18
Adobe Commerce 0 <= 2.4.9, 2.4.8-p5, 2.4.7-p10, 2.4.6-p15, 2.4.5-p17, 2.4.4-p18
Adobe Commerce B2B 0 <= 1.5.3, 1.5.2-p5, 1.4.2-p10, 1.3.4-p17, 1.3.3-p18