> TritonInfoSec News
Home / Mar 20, 2026 / Story
0
#3 BleepingComputer general March 19, 2026 at 20:01 UTC

New ‘PolyShell’ flaw allows unauthenticated RCE on Magento e-stores

By Bill Toulas

AI Summary

A new vulnerability dubbed 'PolyShell' affects all Magento Open Source and Adobe Commerce stable version 2 installations, allowing unauthenticated remote code execution and complete account takeover. The flaw impacts e-commerce stores globally running these platforms.

Read full article → https://www.bleepingcomputer.com/news/security/new…

Relevance score: 90.0/100

# More from March 20

  1. 1
    Feds Disrupt IoT Botnets Behind Huge DDoS Attacks Krebs on Security
  2. 2
    Hundreds of millions of iPhones can be hacked with a new tool found in the wild Ars Technica Security
  3. 4
    FBI seizes Handala data leak site after Stryker cyberattack BleepingComputer
  4. 5
    CISA urges US orgs to secure Microsoft Intune systems after Stryker breach BleepingComputer
  5. 6
    Critical Microsoft SharePoint flaw now exploited in attacks BleepingComputer
  6. 7
    Interlock ransomware gang exploited Cisco firewall zero-day weeks before disclosure: Amazon The Record
  7. 8
    Russian hackers exploit Zimbra flaw in Ukrainian govt attacks BleepingComputer
  8. 9
    Navia discloses data breach impacting 2.7 million people BleepingComputer
  9. 10
    54 EDR Killers Use BYOVD to Exploit 34 Signed Vulnerable Drivers and Disable Security The Hacker News