VDB

CVE-2025-49549

CVE-2025-49549 PUBLISHED CVSS 2.700000047683716 LOW

Magento Authenticated Security feature bypass

EPSS 0.51% · 67.0th percentile

Risk Scores

CVSS 3.1
2.700000047683716
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
EPSS Score
0.51%
67.0th percentile

Affected Products

VendorProductVersions
AdobeAdobe Commerce0, 0
adobecommerce2.4.6, 2.4.6, 2.4.6
adobecommerce_b2b1.3.4, 0, 1.3.3
magentocommunity-edition2.4.6-p1, 2.4.7-beta1, 2.4.7
adobemagento2.4.6, 2.4.6, 2.4.6
magentoproject-community-edition0, 0

Timeline

  • Jun 25, 2025 CVE Published
  • Jun 25, 2025 PoC Published
  • Jun 26, 2025 EPSS Score
  • Jun 26, 2025 Coalition ESS Score
  • Jul 6, 2025 EPSS Score
  • Jul 16, 2025 EPSS Score
  • Jul 24, 2025 Coalition ESS Score
  • Jul 24, 2025 CVE Updated
  • Jul 26, 2025 EPSS Score
  • Aug 5, 2025 EPSS Score
  • Aug 15, 2025 EPSS Score
  • Aug 22, 2025 Coalition ESS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›