craftcms/commerce Security Advisories for 5.6.0 (2)
-
[MEDIUM] Craft Commerce: Coupon Code Brute-Force via Rate Limit Bypass
PKSA-8pd1-kqxv-12wq CVE-2026-55795 GHSA-h5gm-x9wr-vhcm
Affected version: >=4.0.0,<=4.11.1|>=5.0.0,<=5.6.4
Reported by:
GitHub -
[MEDIUM] Craft Commerce: Partial Payment Amount Without Lower Bound Validation
PKSA-3cyb-p9z9-9j9r GHSA-78vr-q6cf-c7p6
Affected version: >=4.0.0,<=4.11.1|>=5.0.0,<=5.6.4
Reported by:
GitHub