A newly disclosed vulnerability dubbed 'PolyShell' affects all Magento Open Source and Adobe Commerce stable version 2 installations, allowing unauthenticated code execution and account takeover. [...]
New ‘PolyShell’ flaw allows unauthenticated RCE on Magento e-stores
Summary + source link. No paywalls, no tracking.