An issue has been discovered in Magento Open Source and Magento Commerce that can be used to disclose the URL location of a Magento Admin panel. To best protect your store, Magento has released patches and recommends additional security steps to protect your store
Security Center
Get the latest patches, security updates, and best practices for your Magento sites
New Security Update
Install critical updates for Magento 1.x and Magento 2.x versions
Tagged:
Vulnerability
Feb 27, 2018
These versions contains multiple security updates. Risk: Major for Magento Commerce and Magento Open Source prior to 2.0.18, 2.1.12, and 2.2.3.
Feb 27, 2018
This patch contains several security updates. Risk: Major for Magento Commerce prior to 1.14.3.8 and Open Source prior to 1.9.3.8.
Nov 28, 2017
This patch contains several security updates. Risk: Major for Magento Commerce prior to 1.14.3.7 and Open Source prior to 1.9.3.7.
Nov 7, 2017
These versions contains multiple security updates. Risk: Critical for Magento Commerce and Magento Open Source prior to 2.0.17, 2.1.10, and 2.2.1.
Jan 13, 2017
Merchants should check their mail sending settings to protect against a Zend Framework 1 vulnerability.
Oct 24, 2016
Learn how to protect your store from a newly-discovered vulnerability present in all major Linux Operating Systems
Apr 26, 2016
An SQL injection vulnerability has been found in multiple third-party extensions and themes