An issue has been discovered in Magento Open Source and Magento Commerce that can be used to disclose the URL location of a Magento Admin panel. To best protect your store, Magento has released patches and recommends additional security steps to protect your store
Security Center
Get the latest patches, security updates, and best practices for your Magento sites
Vulnerability
These versions contains multiple security updates. Risk: Major for Magento Commerce and Magento Open Source prior to 2.0.18, 2.1.12, and 2.2.3.
This patch contains several security updates. Risk: Major for Magento Commerce prior to 1.14.3.8 and Open Source prior to 1.9.3.8.
This patch contains several security updates. Risk: Major for Magento Commerce prior to 1.14.3.7 and Open Source prior to 1.9.3.7.
These versions contains multiple security updates. Risk: Critical for Magento Commerce and Magento Open Source prior to 2.0.17, 2.1.10, and 2.2.1.
Merchants should check their mail sending settings to protect against a Zend Framework 1 vulnerability.
Learn how to protect your store from a newly-discovered vulnerability present in all major Linux Operating Systems
An SQL injection vulnerability has been found in multiple third-party extensions and themes