A new vulnerability has been found in a Zend Framework 1 and 2 email component. The component is used by all Magento 1 and Magento 2 software and other PHP solutions. This vulnerability is serious and can lead to a remote code execution attack if your servers use Sendmail as a mail transport agent.
Review our Magento Security Center posting to learn how you can protect your sites from this vulnerability. Until patches are available in the next several weeks, we recommend that you immediately update your mail settings.
Please note that we’ve checked all Enterprise Cloud Edition sites and they are not affected by this issue.