Actively exploited vulnerability

CVE-2022-24086: Adobe Commerce and Magento Open Source Improper Input Validation Vulnerability

Adobe Commerce and Magento Open Source contain an improper input validation vulnerability which can allow for arbitrary code execution.

CISA KEV source 15 Feb 2022 added 1 Mar 2022 remediation due

Affected product

Adobe · Commerce and Magento Open Source

Known ransomware use: Unknown

Required action

Follow the source advisory and validate exposure in your environment.

Apply updates per vendor instructions.

Related Yasna coverage

Recent reporting that mentions CVE-2022-24086.