Magento 2 Security Patch Tracker
Adobe Commerce + Magento Open Source security bulletins, with CVE references, affected and fixed version ranges, and a quick "is my version safe?" check.
Get notified when Adobe ships a new bulletin
One email per new bulletin (or batch, when several drop together). Filter by severity. Unsubscribe with one click from any email. Free.
Have a MageSmith account? Manage your subscription in app — auto-confirmed, no email round-trip.
Sign in to manage →Is my version safe?
Paste your Magento version (e.g. 2.4.6-p3) to see which bulletins still apply.
Showing all 31 bulletins, newest first.
Adobe Security Bulletin
Adobe Security Bulletin Adobe Security Bulletin Search Last updated on May 12, 2026 Security update available for Adobe Commerce | APSB26-49 Bulletin ID Date Published Priority APSB26-49 May 12, 2026 2 Summary Adobe has released a security update for Adobe Commer
Adobe Security Bulletin
Adobe Security Bulletin Adobe Security Bulletin Search Last updated on Mar 11, 2026 Security update available for Adobe Commerce | APSB26-05 Bulletin ID Date Published Priority APSB26-05 March 10, 2026 2 Summary Adobe has released a security update for Adobe Comm
Adobe Security Bulletin
Adobe Security Bulletin Adobe Security Bulletin Search Last updated on Oct 16, 2025 Security update available for Adobe Commerce | APSB25-94 Bulletin ID Date Published Priority APSB25-94 October 14, 2025 2 Summary Adobe has released a security update for Adobe Co
Adobe Security Bulletin
Adobe Security Bulletin Adobe Security Bulletin Search Last updated on Oct 24, 2025 Security update available for Adobe Commerce | APSB25-88 Bulletin ID Date Published Priority APSB25-88 September 9, 2025 1 Summary Adobe has released a security update for Adobe C
Adobe Security Bulletin
Adobe Security Bulletin Adobe Security Bulletin Search Last updated on Aug 12, 2025 Security update available for Adobe Commerce | APSB25-71 Bulletin ID Date Published Priority APSB25-71 August 12, 2025 2 Summary Adobe has released a security update for Adobe Com
Adobe Security Bulletin
Adobe Security Bulletin Adobe Security Bulletin Search Last updated on Apr 8, 2025 Security update available for Adobe Commerce | APSB25-26 Bulletin ID Date Published Priority APSB25-26 April 8, 2025 2 Summary Adobe has released a security update for Adobe Commer
Adobe Security Bulletin
Adobe Security Bulletin Adobe Security Bulletin Search Last updated on Nov 12, 2024 Security update available for Adobe Commerce | APSB24-90 Bulletin ID Date Published Priority APSB24-90 November 12, 2024 3 Summary Adobe has released a security update for Adobe C
Adobe Security Bulletin
Adobe Security Bulletin Adobe Security Bulletin Search Last updated on Aug 13, 2024 Security update available for Adobe Commerce | APSB24-61 Bulletin ID Date Published Priority APSB24-61 August 13, 2024 3 Summary Adobe has released a security update for Adobe Com
Adobe Security Bulletin
Adobe Security Bulletin Adobe Security Bulletin Search Last updated on Jun 26, 2024 Security update available for Adobe Commerce | APSB24-03 Bulletin ID Date Published Priority APSB24-03 February 13, 2024 3 Summary Adobe has released a security update for Adobe C
Adobe Security Bulletin
Adobe Security Bulletin Adobe Security Bulletin Search Last updated on Aug 8, 2023 Security update available for Adobe Commerce | APSB23-42 Bulletin ID Date Published Priority APSB23-42 August 8, 2023 3 Summary Adobe has released a security update for Adobe Comme
Adobe Security Bulletin
Adobe Security Bulletin Adobe Security Bulletin Search Last updated on Mar 14, 2023 Security update available for Adobe Commerce | APSB23-17 Bulletin ID Date Published Priority APSB23-17 March 14, 2023 3 Summary Adobe has released a security update for Adobe Comm
Adobe Security Bulletin
Adobe Security Bulletin Adobe Security Bulletin Search Last updated on Oct 18, 2022 Security update available for Adobe Commerce | APSB22-48 Bulletin ID Date Published Priority APSB22-48 October 11, 2022 3 Summary Adobe has released a security update for Adobe Co
Adobe Security Bulletin
Adobe Security Bulletin Adobe Security Bulletin Search Last updated on Oct 18, 2022 Security update available for Adobe Commerce | APSB22-38 Bulletin ID Date Published Priority APSB22-38 August 9, 2022 3 Summary Adobe has released a security update for A
Adobe Security Bulletin
Adobe Security Bulletin Adobe Security Bulletin Search Last updated on Apr 12, 2022 Security update available for Adobe Commerce | APSB22-13 Bulletin ID Date Published Priority APSB22-13 April 12, 2022 3 Summary Adobe has released a security update for
Adobe Security Bulletin
Adobe Security Bulletin Adobe Security Bulletin Search Last updated on Oct 12, 2021 Security updates available for Adobe Commerce | APSB21-86 Bulletin ID Date Published Priority APSB21-86 October 12, 2021 2 Summary Adobe has released security updates for
Adobe Security Bulletin
Adobe Security Bulletin Adobe Security Bulletin Search Last updated on Aug 13, 2021 Security Updates Available for Adobe Commerce | APSB21-64 Bulletin ID Date Published Priority APSB21-64 August 11, 2021 2 Summary Magento has released updates for Adobe Commerce and Ma
Adobe Security Bulletin
Adobe Security Bulletin Adobe Security Bulletin Search Last updated on Jan 19, 2022 | Also applies to Digital Editions Security Updates Available for Magento | APSB21-30 Bulletin ID Date Published Priority ASPB21-30 May 11, 2021 2 Summary Successful exploitation could l
Adobe Security Bulletin
ServedBy LOC PUBLISHER ServedAt Fri May 23 08:12:45 UTC 2025 --> Adobe Security Bulletin --> Adobe Security Bulletin Adobe Security Bulletin Search User Guide Select an article: Select an article: On this page Summary Affected Versions Solution Vulnerability details Updates to de
Adobe Security Bulletin
ServedBy LOC PUBLISHER ServedAt Wed Oct 29 06:31:40 UTC 2025 --> Adobe Security Bulletin --> Adobe Security Bulletin Adobe Security Bulletin Search User Guide Select an article: Select an article: On this page Summary Affected Versions Solution Vulnerability details Updates to de
Adobe Security Bulletin
ServedBy LOC PUBLISHER ServedAt Tue Oct 28 00:07:42 UTC 2025 --> Adobe Security Bulletin --> Adobe Security Bulletin Adobe Security Bulletin Search User Guide Select an article: Select an article: On this page Summary Affected Versions Solution Vulnerability details Acknowledgmen
Adobe Security Bulletin
ServedBy LOC PUBLISHER ServedAt Mon Oct 20 16:33:36 UTC 2025 --> Adobe Security Bulletin --> Adobe Security Bulletin Adobe Security Bulletin Search User Guide Select an article: Select an article: On this page Summary Affected Versions Solution Vulnerability details Acknowledgmen
Adobe Security Bulletin
ServedBy LOC PUBLISHER ServedAt Thu Mar 12 17:05:11 UTC 2026 --> Adobe Security Bulletin --> Adobe Security Bulletin Adobe Security Bulletin Search User Guide Select an article: Select an article: On this page Summary Affected Versions Solution Vulnerability details Acknowledgmen
Adobe Security Bulletin
ServedBy LOC PUBLISHER ServedAt Sat Jan 10 10:06:15 UTC 2026 --> Adobe Security Bulletin --> Adobe Security Bulletin Adobe Security Bulletin Search User Guide Select an article: Select an article: On this page Summary Affected Versions Solution Vulnerability details Acknowledgmen
Security update available for Adobe Commerce | APSB25-50
Fixes multiple vulnerabilities including XSS, server-side request forgery, and improper input validation. Adobe is not aware of any exploits in the wild but recommends prioritising this patch.
Security update available for Adobe Commerce | APSB25-08
Critical-severity update addresses arbitrary file system read and authentication bypass. Apply immediately on internet-facing installs.
Security update available for Adobe Commerce | APSB24-73
Multiple vulnerabilities, the most severe of which could result in arbitrary code execution. Affects every supported Adobe Commerce + Magento Open Source line.
CosmicSting: XXE in REST API (CVE-2024-34102) | APSB24-40
Critical XXE vulnerability in the REST API allows unauthenticated attackers to read arbitrary files including the encrypted env.php key — leading to full session hijack and remote code execution. Widely exploited in the wild within days of disclosure. Mass-scanned by botnets; emergency patching mandatory.
Security update available for Adobe Commerce | APSB24-18
Multiple vulnerabilities resulting in arbitrary code execution, security feature bypass, and privilege escalation. Includes a critical pre-auth chain affecting the storefront API.
Security update available for Adobe Commerce | APSB23-50
Multiple vulnerabilities including stored XSS in the admin panel and improper access control on the REST API. Important severity — patch in your next release window.
XSLT pre-auth code execution | APSB23-35
Pre-authenticated remote code execution via the XSLT processor's external entity handling. Critical — exploitable from the public internet without credentials. Adobe shipped this out-of-band.
TrojanOrders pre-auth RCE (CVE-2022-24086) | APSB22-12
Improper input validation in the checkout flow allows unauthenticated attackers to execute arbitrary code via crafted email-template inputs. Mass-exploited via the 'TrojanOrders' campaign within 48 hours of disclosure — every unpatched store is presumed compromised. Adobe shipped APSB22-13 a week later as a follow-up to widen the fix.
Catalog mirrors Adobe Security Bulletins. Always verify against the official source before patching production — this catalog is rebuilt on each MageSmith release and may lag a brand-new bulletin by days.
Every Magento dev tool, in one hosted workspace.
Free to sign up. Nothing to install. Drafts, audits, and projects saved across every tool.