PolyShell Vulnerability Exposes Adobe Commerce and Magento to Remote Code Execution

Sansec reports "PolyShell," an unrestricted file upload vulnerability (CVE-2025-20720) in Magento and Adobe Commerce that allows unauthenticated attackers to achieve remote code execution via the REST API.