Adobe security patch release for CVE-2025-54236

Security Patch Release
H score 51
2 unique sources, 2 articles

Summary

Adobe issued an emergency update for Adobe Commerce and Magento Open Source to fix CVE-2025-54236, an improper input validation flaw that could enable remote session takeover. The patch, disclosed on Sept. 9, addressed a high-impact weakness in the e-commerce platform stack. Administrators should treat the release as urgent because the flaw was later confirmed as exploited in the wild.

Related Happenings

JCE Pro 2.9.99.6 patch for CVE-2026-48907

Security Patch Release
H score 46 First: 17.06.2026 13:09 Last: 17.06.2026 13:09 Sources 1

About this happening: **JCE security team** released **JCE Pro 2.9.99.6** in **early June 2026** to fix **CVE-2026-48907** in the **Widget Factory Joomla Content Editor (JCE) plugin**. The update addre...

Fortinet security patch release for CVE-2026-25089

Security Patch Release
H score 44 First: 10.06.2026 18:10 Last: 10.06.2026 18:10 Sources 1

About this happening: **Fortinet**, **Ivanti**, and **SAP** released **security updates** that address multiple **critical vulnerabilities** across **FortiSandbox**, **Ivanti Sentry**, and **SAP** prod...

Latest development: 11.06.2026 09:20

Shadowserver reported large-scale exploitation attempts against Internet-exposed Ivanti Sentry gateways after CVE-2026-10520 was patched in R10.5.2, R10.6.2, and R10.7.1, saying it saw 19 vulnerable instances and at least 2 backdoored systems and warning that unpatched devices were most likely compromised.

Microsoft security patch release for CVE-2026-42897

Security Patch Release
H score 44 First: 10.06.2026 16:44 Last: 10.06.2026 16:44 Sources 1

About this happening: **Microsoft** released **June 2026 Security Updates** for **Exchange Server 2016**, **Exchange Server 2019**, and **Exchange Server Subscription Edition (SE)** to fix **CVE-2026-4...

TrendAI Trend Micro’s enterprise business security patch release for CVE-2026-34926

Security Patch Release
H score 45 First: 22.05.2026 11:19 Last: 22.05.2026 11:19 Sources 1

About this happening: **TrendAI** released **Apex One** security updates after confirming a **zero-day** had been **exploited in the wild**, leaving **on-premises installations** at risk until patched....

Microsoft security patch release for CVE-2026-41089

Security Patch Release
H score 43 First: 13.05.2026 00:46 Last: 13.05.2026 00:46 Sources 1

About this happening: **Microsoft** and other major software vendors shipped a heavy **May 2026** patch cycle, with fixes spanning **Windows**, **iOS**, **Firefox**, **Oracle** products, and **Chrome**...

Timeline

  1. 24.10.2025 00:25 3 articles · 7mo ago

    Adobe Commerce emergency update for CVE-2025-54236

    Mitigation Patch Update

    Adobe issued an emergency update for Adobe Commerce (formerly Magento) and Magento Open Source versions to fix CVE-2025-54236, an improper input validation flaw that could let attackers bypass security features and remotely take over Adobe Commerce sessions without user interaction.

  2. 24.10.2025 00:25 1 article · 7mo ago

    Sansec detects SessionReaper exploitation and Assetnote publishes PoC

    Detection IoC Update

    Sansec said exploitation activity for SessionReaper began on Wednesday, that it blocked more than 250 attempted attacks against multiple stores with the Sansec Shield web application firewall (WAF), and that Assetnote published a full technical analysis and proof-of-concept exploit the same day. Sansec also said attack sources expanded from five IP addresses to 97 different IPs, Adobe confirmed the flaw had been exploited in the wild, and initial payloads included PHP web shells or phpinfo probes.
