Adobe security patch release for CVE-2025-54236
Security Patch Release
Summary
Adobe issued an emergency update for Adobe Commerce and Magento Open Source to fix CVE-2025-54236, an improper input validation flaw that could enable remote session takeover. The patch, disclosed on Sept. 9, addressed a high-impact weakness in the e-commerce platform stack. Administrators should treat the release as urgent because the flaw was later confirmed as exploited in the wild.
Cases
Related Happenings
TrendAI Trend Micro’s enterprise business security patch release for CVE-2026-34926
Security Patch Release
First: 22.05.2026 11:19
Last: 22.05.2026 11:19
Sources 1
About this happening:
**TrendAI** released **Apex One** security updates after confirming a **zero-day** had been **exploited in the wild**, leaving **on-premises installations** at risk until patched....
Microsoft security patch release for CVE-2026-41089
Security Patch Release
First: 13.05.2026 00:46
Last: 13.05.2026 00:46
Sources 1
About this happening:
**Microsoft** and other major software vendors shipped a heavy **May 2026** patch cycle, with fixes spanning **Windows**, **iOS**, **Firefox**, **Oracle** products, and **Chrome**...
Microsoft May 2026 Patch Tuesday (120 flaws)
Security Patch Release
First: 12.05.2026 21:08
Last: 12.05.2026 21:08
Sources 1
About this happening:
**Microsoft** released its **May 2026 Patch Tuesday** updates, fixing **120 flaws** and disclosing **no zero-days**. The bundle includes **17 Critical** vulnerabilities, with mult...
Microsoft April 2026 Patch Tuesday security updates (167 flaws)
Security Patch Release
First: 14.04.2026 20:41
Last: 14.04.2026 20:41
Sources 1
About this happening:
Microsoft's **April 2026 Patch Tuesday** ships **security updates** for **167 flaws**, including **2 zero-days**, reducing exposure across widely used Microsoft software. The rele...
Adobe security patch release for CVE-2026-34621
Security Patch Release
First: 12.04.2026 07:25
Last: 12.04.2026 07:25
Sources 1
About this happening:
**Adobe** issued **emergency updates** for **Acrobat Reader**, **Acrobat DC**, and **Acrobat 2024** after **CVE-2026-34621** was found **actively exploited in the wild**. The patc...
Timeline
- 24.10.2025 00:25 3 articles · 7mo ago
Adobe Commerce emergency update for CVE-2025-54236
Mitigation Patch Update
Adobe issued an emergency update for Adobe Commerce (formerly Magento) and Magento Open Source versions to fix CVE-2025-54236, an improper input validation flaw that could let attackers bypass security features and remotely take over Adobe Commerce sessions without user interaction.
Sources:
- Fear the 'SessionReaper': Adobe Commerce Flaw Under Attack — www.darkreading.com — 24.10.2025 00:25
- Adobe Commerce Flaw CVE-2025-54236 Lets Hackers Take Over Customer Accounts — thehackernews.com — 10.09.2025 04:08
- 24.10.2025 00:25 1 article · 7mo ago
Sansec detects SessionReaper exploitation and Assetnote publishes PoC
Detection IoC Update
Sansec said exploitation activity for SessionReaper began on Wednesday, blocked more than 250 attempted attacks against multiple stores with Sansec Shield Web application firewall (WAF), and noted that Assetnote published a full technical analysis and proof-of-concept exploit the same day. Sansec also said attack sources expanded from five IP addresses to 97 different IPs, Adobe confirmed the flaw had been exploited in the wild, and initial payloads included PHP Web shells or phpinfo probes.
Sources:
- Fear the 'SessionReaper': Adobe Commerce Flaw Under Attack — www.darkreading.com — 24.10.2025 00:25