Home > Vulnerability Database > CVE-2025-49554

Mend.io Vulnerability Database

CVE-2025-49554

Good to know:

Date: August 12, 2025

Adobe Commerce versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by an Improper Input Validation vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability by providing specially crafted input, causing the application to crash or become unresponsive. Exploitation of this issue does not require user interaction.

Severity Score

7.5

Related Resources (3)

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-49554

Url: https://helpx.adobe.com/security/products/magento/apsb25-71.html

Url: https://www.mend.io/vulnerability-database/CVE-2025-49554

Severity Score

7.5

Weakness Type (CWE)

Improper Input Validation

CWE-20

Top Fix

Upgrade Version

Upgrade to version magento/community-edition - 2.4.4-p15;magento/community-edition - 2.4.9-alpha2;magento/community-edition - 2.4.5-p14;magento/community-edition - 2.4.6-p12;magento/community-edition - 2.4.7-p7;magento/community-edition - 2.4.8-p2

Learn More

CVSS v3.1

Base Score:	7.5
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2025-49554

Good to know:

Date: August 12, 2025

Severity Score

Related Resources (3)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?