Use Cases
Software Products MSPs Schools Development & Marketing DevOps Agencies Help Desk
 
Internet Status Blog Pricing Log In Try IsDown for free now

Outage in Nexcess

Magento “PolyShell” File Upload Vulnerability

Resolved Minor
March 18, 2026 - Started 9 days ago - Lasted about 6 hours
Official incident page

Incident Report

Summary AI Generated

Nexcess identified a potential "PolyShell" unrestricted file upload vulnerability affecting Magento and Adobe Commerce platforms in their managed environment. The security issue impacted their platform updates and other components for 6.2 hours while teams assessed potential exposure across customer sites. The incident was resolved by implementing measures to prohibit execution of files that could exploit this vulnerability across their entire managed fleet.

We are aware of recent reports regarding a potential unrestricted file upload vulnerability, commonly referred to as “PolyShell”, affecting Magento and Adobe Commerce. At this time, our teams are actively reviewing our environment to assess any potential impact and determine whether any systems/customer sites may be affected. We will provide further updates as more information becomes available. If you have any questions or concerns. You can reach us through the following channels: Live Chat: https://my.nexcess.net/ Email: Nexcess Support
Components affected
Nexcess Platform Updates / Other

Need to monitor Nexcess outages?

  • Monitor all your external dependencies in one place
  • Get instant alerts when outages are detected
  • Be the first to know if service is down
  • Show real-time status on private or public status page
  • Keep your team informed
Start monitoring for free
Latest Updates ( sorted recent to last )
RESOLVED 9 days ago - at 03/18/2026 10:23PM

We have taken steps to prohibit execution of files exploiting the "PolyShell" unrestricted file upload vulnerability across our managed fleet.

If you have any questions or concerns. You can reach us through the following channels:

Live Chat: https://my.nexcess.net/
Email: support@nexcess.net

INVESTIGATING 9 days ago - at 03/18/2026 04:17PM

We are aware of recent reports regarding a potential unrestricted file upload vulnerability, commonly referred to as “PolyShell”, affecting Magento and Adobe Commerce.

At this time, our teams are actively reviewing our environment to assess any potential impact and determine whether any systems/customer sites may be affected.

We will provide further updates as more information becomes available.
If you have any questions or concerns. You can reach us through the following channels:

Live Chat: https://my.nexcess.net/
Email: Nexcess Support

Latest Nexcess outages

Service Disruption Due to Network Switch Failure - 3 days ago
Multiple cloud hosts in the US-Midwest-1 region are currently experiencing an outage. - 6 days ago
ClamAV Service Disruption - 11 days ago
Service Interruption on US-Midwest 2 region - 12 days ago
Outgoing Connectivity Issues Affecting Servers in UK South 2 Region - 15 days ago

The Status Page Aggregator with Early Outage Detection

With IsDown, you can monitor all your critical services' official status pages from one centralized dashboard and receive instant alerts the moment an outage is detected. Say goodbye to constantly checking multiple sites for updates and stay ahead of outages with IsDown.

Start free trial

No credit card required · Cancel anytime · 6020 services available

Integrations with Slack Microsoft Teams Google Chat Datadog PagerDuty Zapier Discord Webhook