| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-21290 | Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79) | Adobe | Adobe Commerce | High | 8.7 | 2026-03-11 02:19:14 | Deep Dive |
| CVE-2026-21289 | Adobe Commerce | Incorrect Authorization (CWE-863) | Adobe | Adobe Commerce | High | 7.5 | 2026-03-11 02:19:13 | Deep Dive |
| CVE-2026-21361 | Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79) | Adobe | Adobe Commerce | High | 8.1 | 2026-03-11 02:19:13 | Deep Dive |
| CVE-2026-21360 | Adobe Commerce | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22) | Adobe | Adobe Commerce | Medium | 6.8 | 2026-03-11 02:19:12 | Deep Dive |
| CVE-2026-21296 | Adobe Commerce | Incorrect Authorization (CWE-863) | Adobe | Adobe Commerce | Medium | 4.3 | 2026-03-11 02:19:11 | Deep Dive |
| CVE-2026-21311 | Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79) | Adobe | Adobe Commerce | High | 8.0 | 2026-03-11 02:19:10 | Deep Dive |
| CVE-2026-21295 | Adobe Commerce | URL Redirection to Untrusted Site ('Open Redirect') (CWE-601) | Adobe | Adobe Commerce | Low | 3.1 | 2026-03-11 02:19:09 | Deep Dive |
| CVE-2026-29177 | Craft Commerce has Stored XSS in Craft Commerce Order Details Slideout | craftcms | commerce | - | - | 2026-03-10 20:01:07 | Deep Dive |
| CVE-2026-29176 | Craft Commerce has Stored XSS in Inventory Location Name | craftcms | commerce | - | - | 2026-03-10 19:59:48 | Deep Dive |
| CVE-2026-29175 | Multiple Stored XSS in Commerce Inventory Page Leading to Session Hijacking | craftcms | commerce | - | - | 2026-03-10 19:57:37 | Deep Dive |
| CVE-2026-29174 | Craft Commerce has a SQL Injection in Commerce Inventory Table Sorting | craftcms | commerce | - | - | 2026-03-10 19:55:55 | Deep Dive |
| CVE-2026-29173 | Craft Commerce has Stored XSS while updating Order Status from Orders Table | craftcms | commerce | - | - | 2026-03-10 19:54:25 | Deep Dive |
| CVE-2026-29172 | Craft Commerce has a SQL Injection in Commerce Purchasables Table Sorting | craftcms | commerce | - | - | 2026-03-10 19:52:33 | Deep Dive |
| CVE-2025-11251 | SQLi in Dayneks Software's E-Commerce Platform | Dayneks Software Industry and Trade Inc. | E-Commerce Platform | Critical | 9.8 | 2026-02-27 11:58:03 | Deep Dive |
| CVE-2025-14343 | Reflected XSS in Dokuzsoft Technology's E-Commerce Product | Dokuzsoft Technology Ltd. | E-Commerce Product | High | 7.6 | 2026-02-26 12:06:21 | Deep Dive |
| CVE-2025-15583 | detronetdip E-commerce function.php get_safe_value cross site scripting | detronetdip | E-commerce | Low | 3.5 | 2026-02-20 16:32:10 | Deep Dive |
| CVE-2025-15582 | detronetdip E-commerce Product Management Update authorization | detronetdip | E-commerce | Medium | 5.4 | 2026-02-20 16:32:08 | Deep Dive |
| CVE-2026-0926 | Prodigy Commerce <= 3.3.0 - Unauthenticated Local File Inclusion via parameters[template_name] | prodigycommerce | Prodigy Commerce | Critical | 9.8 | 2026-02-19 04:36:25 | Deep Dive |
| CVE-2025-13004 | IDOR in Farktor Software's E-Commerce Package | Farktor Software E-Commerce Services Inc. | E-Commerce Package | Medium | 6.3 | 2026-02-12 13:12:38 | Deep Dive |
| CVE-2025-13002 | XSS in Farktor Software's E-Commerce Package | Farktor Software E-Commerce Services Inc. | E-Commerce Package | High | 8.2 | 2026-02-12 12:57:05 | Deep Dive |