• Toll-free  888-665-8637
  • International  +1 717-220-0012
Posted by Aaron on July 10, 2026

Critical Security Vulnerability in BVC 5-2026

Comments (0)

We've become aware of a critical security vulnerability in BV Commerce. This vulnerability affects all versions of BV Commerce from 2026 back to 5.0. Today we released a hotfix for this vulnerability that should be installed immediately. This hotfix is available to all merchants, even those with an expired BV.NEXT plan. 

No further details will be disclosed publicly to prevent malicious actors from exploiting it.

If you have any questions, please open a support ticket. Enter your store's domain name and use either the email address associated with your account/license or an email address with the same domain name as your store. This will allow us to quickly verify your identity.

If you work with a BV Commerce partner, please know that they have already been alerted to the details of the vulnerability and are prepared to quickly apply the hotfix to your store.

Installing the Hotfix

Sign in to your account and click the "View Downloads" button. Click the "Download" link next to "BV Commerce 2013-2026 - security hotfix" (the first download in the list). The included readme.txt file provides the installation instructions as we do not want to publicly disclose any details that malicious actors could exploit.

Categories: Documentation | News

Add comment

biuquote
  • Comment
  • Preview
Loading

©2026 Develisys. All rights reserved.
  • Toll-free  888-665-8637
  • International  +1 717-220-0012