CISA Known Exploited Vulnerability

CVE-2025-54236

Adobe Commerce and Magento Open Source contain an improper input validation vulnerability that could allow an attacker to take over customer accounts through the Commerce REST API.

⚠ Actively exploited (CISA KEV) Magento 2025
CISA catalog entry
Product: Commerce and Magento
Vendor: Adobe
Added to KEV: 2025-10-24
Remediation due: 2025-11-14

CVE-2025-54236 is tracked in the CISA Known Exploited Vulnerabilities catalog. WebPulse monitors it as part of its framework security intelligence.

View CVE-2025-54236 on the NIST National Vulnerability Database →