Commerce webhooks
This hub aggregates every CVE we track for Commerce webhooks, a product in the consumer software space. Use it to gauge the current risk picture and drill into individual advisories.
10
CVEs tracked
2
Critical
4
High
1
In CISA KEV
Severity distribution
HIGH4MEDIUM4CRITICAL2
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-082026-07
Latest CVEs
The 10 most recently published vulnerabilities affecting Commerce webhooks.
- CVE-2024-34106Insecure Direct Object Reference - An attacker can able to erase the victim quote details5.3
- CVE-2024-34103Customer account takeover via web API call & subsequent password reset8.1
- CVE-2024-34109Adobe Commerce | Improper Input Validation (CWE-20)7.2
- CVE-2024-34110RCE in the Adobe Commerce Webhook module through a legit webhook definition7.2
- CVE-2024-34111SSRF in service connector6.5
- CVE-2024-34107Adobe Commerce | Improper Access Control (CWE-284)5.3
- CVE-2024-34105Stored Cross Site Scripting in Order Comment4.8
- CVE-2024-34102XXE can expose crypt key and other secrets granting full admin accessKEV9.8
- CVE-2024-34104Adobe Commerce | Improper Authorization (CWE-285)8.2
- CVE-2024-34108Large attack surface through legit webhook usage in Adobe Commerce9.1
Product normalization is registry-driven with AI assist and human review. How it works