These versions contains multiple functional and security updates. Risk: Critical for Magento Commerce and Magento Open Source prior to 2.1.18, 2.2.9 and 2.3.2.
Security Center
Get the latest patches, security updates, and best practices for your Magento sites
New Security Update
Install critical updates for Magento 1.x and Magento 2.x versions
Jun 25, 2019
Jun 25, 2019
Jun 25, 2019
This patch contains several security updates. Risk: Critical for Magento Commerce prior to 1.14.4.2 and Open Source prior to 1.9.4.2.
May 10, 2019
An issue has been discovered in Magento Open Source and Magento Commerce that can be used to disclose the URL location of a Magento Admin panel. To best protect your store, Magento has released patches and recommends additional security steps to protect your store
Apr 10, 2019
We are aware of reports that phishing attempts are impersonating Magento and are being used for targeted attacks. This misleading phishing email encourages users to click on a link that indicates all users are required to register for an alert platform. Please review this blog for more information.
Mar 26, 2019
This patch contains several security updates. Risk: Critical for Magento Commerce prior to 1.14.4.1 and Open Source prior to 1.9.4.1.
Mar 26, 2019
These versions contains multiple functional and security updates. Risk: Critical for Magento Commerce and Magento Open Source prior to 2.1.17, 2.2.8 and 2.3.1.
Mar 8, 2019
A critical vulnerability exists in the Magestore Store Locator extension version 1.0.2 (and earlier versions) that could result in unauthorized access to sensitive information. Magento urges customers running this extension to immediately disable this extension or block requests. Read more.
Feb 4, 2019
To better align and help enhance the program, Magento consolidated their Bug Bounty Program with the Adobe program under one umbrella. New changes and opportunities are coming for bug reporters.