High severity7.5NVD Advisory· Published May 12, 2026· Updated May 20, 2026
CVE-2026-34648
CVE-2026-34648
Description
Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to exhaust system resources, resulting in an application denial-of-service condition. Exploitation of this issue does not require user interaction.
Affected products
162cpe:2.3:a:adobe:commerce:*:*:*:*:*:*:*:*+ 124 more
- cpe:2.3:a:adobe:commerce:*:*:*:*:*:*:*:*range: <2.4.4
- cpe:2.3:a:adobe:commerce:2.4.4:-:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.4:p1:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.4:p10:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.4:p11:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.4:p12:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.4:p13:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.4:p14:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.4:p15:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.4:p16:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.4:p17:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.4:p2:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.4:p3:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.4:p4:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.4:p5:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.4:p6:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.4:p7:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.4:p8:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.4:p9:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.5:-:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.5:p1:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.5:p10:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.5:p11:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.5:p12:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.5:p13:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.5:p14:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.5:p15:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.5:p16:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.5:p2:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.5:p3:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.5:p4:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.5:p5:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.5:p6:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.5:p7:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.5:p8:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.5:p9:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.6:-:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.6:p1:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.6:p10:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.6:p11:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.6:p12:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.6:p13:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.6:p14:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.6:p2:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.6:p3:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.6:p4:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.6:p5:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.6:p6:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.6:p7:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.6:p8:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.6:p9:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.7:-:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.7:b1:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.7:b2:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.7:beta3:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.7:p1:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.7:p2:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.7:p3:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.7:p4:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.7:p5:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.7:p6:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.7:p7:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.7:p8:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.7:p9:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.8:-:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.8:beta1:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.8:beta2:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.8:p1:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.8:p2:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.8:p3:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.8:p4:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce:2.4.9:beta1:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce_b2b:*:*:*:*:*:*:*:*range: <1.3.3
- cpe:2.3:a:adobe:commerce_b2b:1.3.3:-:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce_b2b:1.3.3:p1:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce_b2b:1.3.3:p10:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce_b2b:1.3.3:p11:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce_b2b:1.3.3:p12:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce_b2b:1.3.3:p13:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce_b2b:1.3.3:p14:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce_b2b:1.3.3:p15:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce_b2b:1.3.3:p16:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce_b2b:1.3.3:p17:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce_b2b:1.3.3:p2:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce_b2b:1.3.3:p3:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce_b2b:1.3.3:p4:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce_b2b:1.3.3:p5:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce_b2b:1.3.3:p6:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce_b2b:1.3.3:p7:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce_b2b:1.3.3:p8:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce_b2b:1.3.3:p9:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce_b2b:1.3.4:-:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce_b2b:1.3.4:p1:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce_b2b:1.3.4:p10:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce_b2b:1.3.4:p11:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce_b2b:1.3.4:p12:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce_b2b:1.3.4:p13:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce_b2b:1.3.4:p14:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce_b2b:1.3.4:p15:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce_b2b:1.3.4:p16:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce_b2b:1.3.4:p2:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce_b2b:1.3.4:p3:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce_b2b:1.3.4:p4:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce_b2b:1.3.4:p5:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce_b2b:1.3.4:p6:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce_b2b:1.3.4:p7:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce_b2b:1.3.4:p8:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce_b2b:1.3.4:p9:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce_b2b:1.4.2:-:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce_b2b:1.4.2:p1:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce_b2b:1.4.2:p2:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce_b2b:1.4.2:p3:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce_b2b:1.4.2:p4:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce_b2b:1.4.2:p5:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce_b2b:1.4.2:p6:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce_b2b:1.4.2:p7:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce_b2b:1.4.2:p8:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce_b2b:1.4.2:p9:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce_b2b:1.5.2:-:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce_b2b:1.5.2:p1:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce_b2b:1.5.2:p2:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce_b2b:1.5.2:p3:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce_b2b:1.5.2:p4:*:*:*:*:*:*
- cpe:2.3:a:adobe:commerce_b2b:1.5.3:beta1:*:*:*:*:*:*
- (no CPE)range: <=2.4.9-beta1
cpe:2.3:a:adobe:magento:2.4.6:-:*:*:open_source:*:*:*+ 36 more
- cpe:2.3:a:adobe:magento:2.4.6:-:*:*:open_source:*:*:*
- cpe:2.3:a:adobe:magento:2.4.6:p10:*:*:open_source:*:*:*
- cpe:2.3:a:adobe:magento:2.4.6:p11:*:*:open_source:*:*:*
- cpe:2.3:a:adobe:magento:2.4.6:p12:*:*:open_source:*:*:*
- cpe:2.3:a:adobe:magento:2.4.6:p13:*:*:open_source:*:*:*
- cpe:2.3:a:adobe:magento:2.4.6:p14:*:*:open_source:*:*:*
- cpe:2.3:a:adobe:magento:2.4.6:p1:*:*:open_source:*:*:*
- cpe:2.3:a:adobe:magento:2.4.6:p2:*:*:open_source:*:*:*
- cpe:2.3:a:adobe:magento:2.4.6:p3:*:*:open_source:*:*:*
- cpe:2.3:a:adobe:magento:2.4.6:p4:*:*:open_source:*:*:*
- cpe:2.3:a:adobe:magento:2.4.6:p5:*:*:open_source:*:*:*
- cpe:2.3:a:adobe:magento:2.4.6:p6:*:*:open_source:*:*:*
- cpe:2.3:a:adobe:magento:2.4.6:p7:*:*:open_source:*:*:*
- cpe:2.3:a:adobe:magento:2.4.6:p8:*:*:open_source:*:*:*
- cpe:2.3:a:adobe:magento:2.4.6:p9:*:*:open_source:*:*:*
- cpe:2.3:a:adobe:magento:2.4.7:b1:*:*:open_source:*:*:*
- cpe:2.3:a:adobe:magento:2.4.7:b2:*:*:open_source:*:*:*
- cpe:2.3:a:adobe:magento:2.4.7:beta3:*:*:open_source:*:*:*
- cpe:2.3:a:adobe:magento:2.4.7:-:*:*:open_source:*:*:*
- cpe:2.3:a:adobe:magento:2.4.7:p1:*:*:open_source:*:*:*
- cpe:2.3:a:adobe:magento:2.4.7:p2:*:*:open_source:*:*:*
- cpe:2.3:a:adobe:magento:2.4.7:p3:*:*:open_source:*:*:*
- cpe:2.3:a:adobe:magento:2.4.7:p4:*:*:open_source:*:*:*
- cpe:2.3:a:adobe:magento:2.4.7:p5:*:*:open_source:*:*:*
- cpe:2.3:a:adobe:magento:2.4.7:p6:*:*:open_source:*:*:*
- cpe:2.3:a:adobe:magento:2.4.7:p7:*:*:open_source:*:*:*
- cpe:2.3:a:adobe:magento:2.4.7:p8:*:*:open_source:*:*:*
- cpe:2.3:a:adobe:magento:2.4.7:p9:*:*:open_source:*:*:*
- cpe:2.3:a:adobe:magento:2.4.8:beta1:*:*:open_source:*:*:*
- cpe:2.3:a:adobe:magento:2.4.8:beta2:*:*:open_source:*:*:*
- cpe:2.3:a:adobe:magento:2.4.8:-:*:*:open_source:*:*:*
- cpe:2.3:a:adobe:magento:2.4.8:p1:*:*:open_source:*:*:*
- cpe:2.3:a:adobe:magento:2.4.8:p2:*:*:open_source:*:*:*
- cpe:2.3:a:adobe:magento:2.4.8:p3:*:*:open_source:*:*:*
- cpe:2.3:a:adobe:magento:2.4.8:p4:*:*:open_source:*:*:*
- cpe:2.3:a:adobe:magento:2.4.9:beta1:*:*:open_source:*:*:*
- cpe:2.3:a:adobe:magento:*:*:*:*:open_source:*:*:*range: <2.4.6
Patches
Vulnerability mechanics
References
1- helpx.adobe.com/security/products/magento/apsb26-49.htmlnvdVendor Advisory
News mentions
0No linked articles in our index yet.