A critical vulnerability (CVE-2026-0257) affecting e-commerce platforms like Magento and Adobe Commerce has been identified. Known as the Cache Warmer RCE flaw, this vulnerability allows attackers to exploit visitor cookies to execute code remotely, achieving a severity rating of 9.8. No administrative privileges are required for exploitation, with approximately 6,000 stores already identified as compromised.
Merchants are urged to upgrade to version 1.11.12 of the cache warmer extension and monitor server logs for attack signatures starting with 'Tz', 'Qz', or 'YT' to effectively secure their systems.