Find notable cyber news and cases, enriched with sources, timelines, and signals.

Adobe Commerce SessionReaper exploitation wave (CVE-2025-54236)

Exploitation Wave
First reported
Last updated
Happening score
H score 53
2 unique sources, 2 articles

Summary

Hide ▲

Adobe Commerce is seeing an active exploitation wave for CVE-2025-54236 / SessionReaper, with hundreds of attempts hitting multiple stores and many deployments still unpatched. The attacks matter because the flaw can let an attacker take control of account sessions without user interaction. Sansec says it has already detected and blocked the first real-world attacks.

Cases

Related Happenings

Everest Forms Pro CVE-2026-3300 active exploitation wave

Exploitation Wave
H score87 First: 05.06.2026 11:38 Last: 05.06.2026 11:38 Sources 1

About this happening: Active exploitation of **CVE-2026-3300** in **Everest Forms Pro** is driving **complete site compromise** risk for WordPress sites. Attackers have been using the flaw for arbitrar...

MetInfo CMS unauthenticated PHP code injection actively exploited remote code execution flaw (CVE-2026-29014)

Vulnerability
H score53 First: 05.05.2026 14:56 Last: 05.05.2026 14:56 Sources 1

About this happening: **CVE-2026-29014** in **MetInfo CMS** is **actively exploited**, putting **versions 7.9, 8.0, and 8.1** at risk of **remote code execution** and full server takeover. **MetInfo**...

TP-Link router authenticated command injection (CVE-2023-33538)

Vulnerability
H score27 First: 20.04.2026 10:50 Last: 20.04.2026 10:50 Sources 1

About this happening: **CVE-2023-33538** in **discontinued TP-Link routers** is still being probed, leaving exposed devices at risk of **arbitrary command execution** and **denial of service** if attac...

Cisco security patch release for CVE-2026-20184

Security Patch Release
H score44 First: 16.04.2026 14:27 Last: 16.04.2026 14:27 Sources 1

About this happening: **Cisco** released patches for **four critical flaws** affecting **Identity Services Engine (ISE)**, **ISE-PIC**, and **Webex Services**, closing paths to **arbitrary code executi...

Microsoft April 2026 Patch Tuesday security updates (167 flaws)

Security Patch Release
H score55 First: 14.04.2026 20:41 Last: 14.04.2026 20:41 Sources 1

About this happening: Microsoft's **April 2026 Patch Tuesday** ships **security updates** for **167 flaws**, including **2 zero-days**, reducing exposure across widely used Microsoft software. The rele...

Timeline

  1. 22.10.2025 21:41 3 articles · 8mo ago

    Sansec detects active SessionReaper exploitation

    Exploitation Observed

    Sansec said Adobe Commerce stores were under active exploitation for CVE-2025-54236, with Sansec Shield detecting and blocking the first real-world attacks today, more than 250 SessionReaper attempts hitting multiple stores, and payloads including PHP webshells and phpinfo probes while 62% of Magento stores online remained unpatched.

    Show sources
  2. 08.09.2025 03:00 1 articles · 10mo ago

    Adobe warns about CVE-2025-54236 in Adobe Commerce

    Initial Disclosure

    Adobe warned that CVE-2025-54236 is an improper input validation vulnerability in Adobe Commerce (formerly Magento) that can let an attacker take control of account sessions through the Commerce REST API, affecting Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15, and earlier.

    Show sources