CVE-2025-27188

Name of the Vulnerable Software and Affected Versions: Adobe Commerce versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier

Description: The issue is related to an Improper Authorization vulnerability that could result in Privilege escalation. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction.

Recommendations: For versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, and 2.4.8-beta2, update to a version that addresses the Improper Authorization vulnerability to prevent privilege escalation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.