Categories
eCommerce Magento News

Magento Patch for SessionReaper, a critical bug in Magento & Adobe Commerce (CVE-2025-54236)

An emergency Magento patch for CVE-2025-54236 is expected within 24 hours from Adobe on September 9th 2025.

This patch fixes a critical vulnerability, SessionReaper, which has been classed as severe and should be applied by all developers upon release.

As always we recommend a test and deploy strategy as soon as the patch is made available.

Updated information from adobe is available here