All news

account-takeover

(1 article)
Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account Takeover

March 20, 2026

Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account Takeover

A critical PolyShell vulnerability in Magento allows unauthenticated file uploads, remote code execution, and full account takeover. Here's what you need to know.