New ‘PolyShell’ flaw allows unauthenticated RCE on Magento e-stores
Over Security - Cybersecurity news aggregator [Unofficial]
March 19, 2026
A newly disclosed vulnerability dubbed 'PolyShell' affects all Magento Open Source and Adobe Commerce stable version 2 installations, allowing unauthenticated code execution and account takeover.
Discussion in the ATmosphere