Magento this week released updates for Magento Commerce and Open Source 2.1.9 and 2.0.16 to address numerous vulnerabilities, including a remote code execution bug rated Critical severity.
read more

http://feedproxy.google.com/~r/Securityweek/~3/_Po2UHrmzRc/magento-patches-critical-vulnerability-ecommerce-platforms