New changes and opportunities are coming for bug reporters.
Security Center
Get the latest patches, security updates, and best practices for your Magento sites
New Security Update
Install critical updates for Magento 1.x and Magento 2.x versions
Jan 24, 2019
Maintainers of the PHP Extension and Application Repository (PEAR) have disclosed a breach that resulted in the compromise of the go-pear.phar executable used to install the PEAR installer package manager v1.10.9. The PEAR installer is optionally used by Magento 1 installations. It is not used in Magento 2 where it is replaced by Composer.
Jan 7, 2019
We have become aware that hackers impersonating Magento, an Adobe Company, are sending emails that contain malware to merchants and agencies using Magento products.
Nov 28, 2018
This patch contains several security updates. Risk: Major for Magento Commerce prior to 1.14.4.0 and Open Source prior to 1.9.4.0.
Nov 28, 2018
These versions contains multiple functional and security updates. Risk: Critical for Magento Commerce and Magento Open Source prior to 2.1.16 and 2.2.7.
Sep 10, 2018
This patch contains several security updates. Risk: Major for Magento Commerce prior to 1.14.3.10 and Open Source prior to 1.9.3.10.
Sep 10, 2018
These versions contains multiple functional and security updates. Risk: Critical for Magento Commerce and Magento Open Source prior to 2.1.15 and 2.2.6.
Jul 18, 2018
Magento is making Google reCAPTCHA and Two-Factor Authentication (2FA) functionality available for Magento Open Source, Commerce, and Commerce (Cloud) v2.1 and v2.2. These features provide enhanced access security.
Jun 27, 2018
These versions contains multiple functional and security updates. Risk: Critical for Magento Commerce and Magento Open Source prior to 2.1.14 and 2.2.5.
Jun 27, 2018
This patch contains several security updates. Risk: Major for Magento Commerce prior to 1.14.3.9 and Open Source prior to 1.9.3.9.