| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-32272 | Craft Commerce: Blind SQL Injection via hasVariant/hasProduct | craftcms | commerce | 中危 | - | 2026-04-13 20:25:50 | Deep Dive |
| CVE-2026-32271 | Craft Commerce: SQL Injection can lead to Remote Code Execution via TotalRevenue Widget | craftcms | commerce | 高危 | - | 2026-04-13 20:19:19 | Deep Dive |
| CVE-2026-32270 | Craft Commerce: Unauthenticated information disclosure in `commerce/payments/pay` can leak some customer order data on anonymous payments | craftcms | commerce | 中危 | - | 2026-04-13 20:08:05 | Deep Dive |
| CVE-2026-39689 | WordPress eShipper Commerce plugin <= 2.16.12 - Broken Access Control vulnerability | eshipper | eShipper Commerce | - | - | 2026-04-08 08:30:44 | Deep Dive |
| CVE-2026-5041 | code-projects Chamber of Commerce Membership Management System pageMail.php fwrite command injection | code-projects | Chamber of Commerce Membership Management System | Medium | 4.7 | 2026-03-29 09:45:11 | Deep Dive |
| CVE-2026-25396 | WordPress Commerce Coinbase For WooCommerce plugin <= 1.6.6 - Broken Access Control vulnerability | CoderPress | Commerce Coinbase For WooCommerce | 中危 | - | 2026-03-25 16:14:48 | Deep Dive |
| CVE-2026-4613 | SourceCodester E-Commerce Site products.php sql injection | SourceCodester | E-Commerce Site | High | 7.3 | 2026-03-23 23:04:01 | Deep Dive |
| CVE-2026-31867 | Craft Commerce has a Potential IDOR in Commerce carts | craftcms | commerce | - | - | 2026-03-11 17:52:18 | Deep Dive |
| CVE-2026-21291 | Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79) | Adobe | Adobe Commerce | Medium | 4.8 | 2026-03-11 02:19:25 | Deep Dive |
| CVE-2026-21293 | Adobe Commerce | Server-Side Request Forgery (SSRF) (CWE-918) | Adobe | Adobe Commerce | Medium | 5.5 | 2026-03-11 02:19:24 | Deep Dive |
| CVE-2026-21282 | Adobe Commerce | Improper Input Validation (CWE-20) | Adobe | Adobe Commerce | Medium | 5.3 | 2026-03-11 02:19:23 | Deep Dive |
| CVE-2026-21286 | Adobe Commerce | Incorrect Authorization (CWE-863) | Adobe | Adobe Commerce | Medium | 5.3 | 2026-03-11 02:19:22 | Deep Dive |
| CVE-2026-21294 | Adobe Commerce | Server-Side Request Forgery (SSRF) (CWE-918) | Adobe | Adobe Commerce | Medium | 5.5 | 2026-03-11 02:19:21 | Deep Dive |
| CVE-2026-21284 | Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79) | Adobe | Adobe Commerce | High | 8.1 | 2026-03-11 02:19:20 | Deep Dive |
| CVE-2026-21297 | Adobe Commerce | Incorrect Authorization (CWE-863) | Adobe | Adobe Commerce | Medium | 4.3 | 2026-03-11 02:19:20 | Deep Dive |
| CVE-2026-21359 | Adobe Commerce | Incorrect Authorization (CWE-863) | Adobe | Adobe Commerce | Medium | 4.7 | 2026-03-11 02:19:19 | Deep Dive |
| CVE-2026-21309 | Adobe Commerce | Incorrect Authorization (CWE-863) | Adobe | Adobe Commerce | High | 7.5 | 2026-03-11 02:19:18 | Deep Dive |
| CVE-2026-21292 | Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79) | Adobe | Adobe Commerce | Medium | 5.4 | 2026-03-11 02:19:17 | Deep Dive |
| CVE-2026-21310 | Adobe Commerce | Improper Input Validation (CWE-20) | Adobe | Adobe Commerce | Medium | 5.3 | 2026-03-11 02:19:16 | Deep Dive |
| CVE-2026-21285 | Adobe Commerce | Incorrect Authorization (CWE-863) | Adobe | Adobe Commerce | Medium | 4.3 | 2026-03-11 02:19:15 | Deep Dive |