CVE Weekly Report — Week of Jul 13 – July 19, 2026

2026-W29

16
Total CVEs
3
Critical
7
High
0
Actively exploited

🔴 Critical CVEs (3)

CVEProductCVSSKEVDescriptionPublished
CVE-2026-48356Magento9.6Adobe Commerce is affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in arbi…Jul 14
CVE-2026-13221Perl9.1Perl versions through 5.43.9 produce silently incorrect regular expression matches when an alternation of more than 6553…Jul 13
CVE-2026-48358Magento9.1Adobe Commerce is affected by an Improper Encoding or Escaping of Output vulnerability that could result in arbitrary co…Jul 14

🟠 High CVEs (7)

CVEProductCVSSKEVDescriptionPublished
CVE-2026-47994Magento8.7Adobe Commerce is affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged…Jul 14
CVE-2026-47988Magento8.6Adobe Commerce is affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. A…Jul 14
CVE-2026-57432Perl8.4Perl versions through 5.43.10 have an integer overflow in S_measure_struct leading to an out-of-bounds heap read in pack…Jul 13
CVE-2026-47984Magento8.2Adobe Commerce is affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. A…Jul 14
CVE-2026-47995Magento8.1Adobe Commerce is affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privilege…Jul 14
CVE-2026-47996Magento7.6Adobe Commerce is affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. A…Jul 14
CVE-2026-47992Magento7.2Adobe Commerce is affected by an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vu…Jul 14

🟡 Medium CVEs (5)

CVEProductCVSSKEVDescriptionPublished
CVE-2026-47997Magento5.9Adobe Commerce is affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. A…Jul 14
CVE-2026-47998Magento5.9Adobe Commerce is affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. A…Jul 14
CVE-2026-48371Magento5.4Adobe Commerce is affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged…Jul 14
CVE-2026-47999Magento4.8Adobe Commerce is affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privilege…Jul 14
CVE-2026-48000Magento4.3Adobe Commerce is affected by an Improper Redirect (Open Redirect) vulnerability that could result in a Security feature…Jul 14

🔵 Low CVEs (1)

CVEProductCVSSKEVDescriptionPublished
CVE-2026-48001Magento3.7Adobe Commerce is affected by an Information Exposure vulnerability that could lead to a limited disclosure of sensitive…Jul 14

📦 Most affected products

© 2026 EOLCanary — Data from endoflife.date & NVD
Explore