VDB
CVE-2025-49549
CVE-2025-49549
PUBLISHED
CVSS 2.700000047683716 LOW
Magento Authenticated Security feature bypass
EPSS 0.51% · 67.0th percentile
Risk Scores
CVSS 3.1
2.700000047683716
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
EPSS Score
0.51%
67.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Adobe | Adobe Commerce | 0, 0 |
| adobe | commerce | 2.4.6, 2.4.6, 2.4.6 |
| adobe | commerce_b2b | 1.3.4, 0, 1.3.3 |
| magento | community-edition | 2.4.6-p1, 2.4.7-beta1, 2.4.7 |
| adobe | magento | 2.4.6, 2.4.6, 2.4.6 |
| magento | project-community-edition | 0, 0 |
Timeline
- Jun 25, 2025 CVE Published
- Jun 25, 2025 PoC Published
- Jun 26, 2025 EPSS Score
- Jun 26, 2025 Coalition ESS Score
- Jul 6, 2025 EPSS Score
- Jul 16, 2025 EPSS Score
- Jul 24, 2025 Coalition ESS Score
- Jul 24, 2025 CVE Updated
- Jul 26, 2025 EPSS Score
- Aug 5, 2025 EPSS Score
- Aug 15, 2025 EPSS Score
- Aug 22, 2025 Coalition ESS Score