Latest version: Magento 2.4.8 released - Key updates you shouldn't miss

Magento Open Source 2.4.8 and Adobe Commerce 2.4.8, released simultaneously in early 2025, bring several important updates that can help you optimise your online store and stay ahead in a competitive market. This release includes enhanced security patches, performance improvements, bug fixes, and updated support for the latest PHP versions. In this post, we’ll dive into the key highlights of both Adobe Commerce and Magento Open Source 2.4.8, explore how these changes can benefit your business, and share expert insights to help you make the most of this upgrade.

Key highlights in both Magento Open Source and Adobe Commerce updates

• Platform and compatibility updates: Both platforms’ latest versions now support PHP 8.4 (while still compatible with PHP 8.3) and across the core application and all Adobe-distributed extensions. In terms of databases, 2.4.8 is now compatible with MySQL 8.4 and MariaDB 11.4 LTS.
• Security enhancements: This release includes numerous security patches and improvements to keep your store safe. Adobe has resolved several known vulnerabilities (rated Important/Moderate) that could lead to unauthorised access or privilege escalation. A notable addition in both is the implementation of Subresource Integrity (SRI), which verifies the integrity of loaded resources, helping to prevent the injection of malicious scripts.
• Performance improvements: Caching mechanisms and catalogue rule indexing have been optimised to reduce server load and accelerate page rendering. Database query performance is also improved by taking advantage of the latest MySQL 8.4 optimisations. Merchants using MariaDB will see improvements when moving to the 11.4 LTS version, which Magento 2.4.8 fully supports​.
• Expanded GraphQL & API capabilities: The GraphQL API has been extended to support more storefront scenarios and headless implementations. New GraphQL features include support for custom scalar data types, multi-field product sorting, enhanced cart and checkout queries, and more comprehensive coverage of store configurations​. These changes pave the way for smoother PWA and Adobe Commerce Edge storefront integrations.
• Admin & user experience improvements: Magento 2.4.8 modernises the back-end and front-end experience. The admin content editor has been upgraded (TinyMCE v6+ replacing v5) and outdated libraries like the old file uploader and tree controls have been replaced with modern alternatives.
• Fixed issues: Dozens of UI bugs have been fixed – for example, admin action buttons now align correctly in the interface – and storefront issues like inconsistent product sorting and free order checkout options have been addressed for a smoother shopping experience​.

Distinct updates in Adobe Commerce 2.4.8

Platform updates

Adobe Commerce 2.4.8 brings a wide range of important technology updates and improvements, addressing key areas such as caching, message queues, third-party components, and search engine integration to enhance overall performance, security, and future readiness.

• Cache support: The release now includes support for Valkey 8.x, enhancing caching capabilities and overall platform performance.
• Message queue support: Support for RabbitMQ 4.x has been added, with a requirement for merchants to migrate from classic mirrored queues to quorum queues, which provide high availability by replicating data across multiple nodes, since classic queues are unsupported in RabbitMQ 4.
• Components and dependencies: Numerous third-party components, such as Composer, jQuery, TinyMCE, Monolog, Uppy, and Varnish, have been updated to their latest stable versions to improve platform stability and performance. Outdated components like TinyMCE 5 have been removed, and Laminas dependencies have been replaced with modern alternatives or native PHP solutions.
• Search engine transition: Adobe Commerce 2.4.8 is now optimised for OpenSearch 2.19, with support for Elasticsearch 7 and 8 modules deprecated and removed. The admin panel displays warnings when Elasticsearch is selected as the search engine, strongly recommending migration to OpenSearch to ensure continued support and compatibility.
• Technology stack: Adobe updated a swath of third-party libraries and core components to their latest versions, bolstering overall platform stability. For example, Magento now uses Composer 2.8 for dependency management, PHPUnit 10 for testing, and upgraded JavaScript libraries like jQuery/Bootstrap 5.3.3 and Moment.js 2.30 for a more secure and efficient codebase.

Performance improvements

Adobe Commerce 2.4.8 introduces optimisations that improve overall site responsiveness. The release focuses on improving indexing and product price updates. By default, all indexers are now set to Update by Schedule mode during new installations or upgrades. This ensures that expensive indexing operations (rebuilding search indexes, product price indices, etc.) are run via cron schedules rather than immediately on every update, which reduces lag during admin product saves and checkout updates. By having indexers in the recommended scheduled mode by default, Adobe Commerce 2.4.8 improves system throughput and prevents performance bottlenecks out of the box​.

Apart from that, the platform has improved the efficiency of bulk updates for tier prices through the /V1/products/tier-prices REST API endpoint. This enhancement prevents performance degradation and site unresponsiveness that could occur when updating large volumes of product prices, ensuring smoother and more reliable price management for merchants. These updates contribute to a faster, more stable, and scalable platform experience.

GraphQL

Adobe Commerce version 2.4.8 includes several GraphQL refinements aimed at improving the precision of data retrieval and enhancing user experience. Key GraphQL updates include:

• Cart and checkout: New fields have been added to the CartItemPrices type to support more accurate pricing and discount calculations. The checkout process now displays only the "Free" payment method when the order total is zero, reducing shopper confusion. Additionally, the grand_total_excluding_tax field was added to the CartPrices type, and GraphQL support now includes cart rule information accessible via new configurations and queries.
• Customer and customer groups: Error handling in the generateCustomerToken mutation now provides specific error messages for unconfirmed emails, aiding user guidance. New queries such as customerSegments and customerGroup have been introduced to enhance personalisation and segment information, complemented by store configurations for managing customer groups. The customer query now includes a paginated customer.addressesV2 field for address management.
• Orders: Order-related GraphQL functionality has been significantly improved with enhanced error messages that show available inventory during order updates. Order management has been streamlined with features like merging guest orders to customer accounts based on email. New mutations like confirmCancelOrder enable guest shoppers to cancel orders, and queries have been updated to improve data consistency and user experience.
• Gift options and gift cards: Gift options related to wrapping and printed cards have been enriched with accurate tax displays and additional price objects in the products query, as well as gift message handling for virtual products.
• Security: This has been enhanced by providing a theme field for reCAPTCHA configuration and ensuring 401 Unauthorized responses for requests with expired tokens.

These upgrades improve the efficiency and accuracy of data management through GraphQL, providing a better overall experience for developers and users alike.

Major fixed issue

582 issues have been resolved in the Adobe Commerce version 2.4.8 core code.

• APIs: Fixed async operation failures when the SKU was missing from the payload, resolved issues with updating base prices using the REST API, ensuring correct increment ID handling.
• Analytics/ Reporting: Problems with Google Analytics tracking, which caused errors for users in Europe, have been resolved, ensuring accurate data collection for website traffic. Reporting has been improved with faster generation of sales reports, correct currency symbols, and accurate calculations in coupon usage reports. Checkout is now more seamless, with fewer clicks required for PayPal and Google Pay express payments.
• B2B: Products assigned to shared catalog via REST API are now immediately visible on storefront after partial indexing is complete. The version update also prevents restricted categories and their content from being displayed on the storefront while catalogue permissions indexing is being performed. Other issues related to button or price display have also been tackled.

Learn more: For detailed information on Adobe Commerce 2.4.8 updates, visit Adobe Experience League.

Quality enhancements

Adobe Commerce 2.4.8 delivers key quality enhancements that improve system reliability and user experience. One notable update addresses an important issue in inventory management: the platform now operates without the previously hidden dependency on Catalog caused by the InventoryIndexer. This fix ensures that critical functions such as product creation, display mode switching, and stock status updates work consistently and as expected, eliminating synchronisation inconsistencies caused by mismatched entities. 

What’s more, to enhance usability and reduce confusion, the label of the Submit Comment button on the order detail page has been changed to Update, providing clearer communication for users managing order comments. These quality improvements contribute to a smoother, more intuitive experience for both merchants and customers.

Enhanced security measures

Security remains a top priority for Adobe Commerce, and version 2.4.8 includes multiple security enhancements and patch updates. These updates address vulnerabilities and strengthen the platform against emerging threats, helping protect your store and your customers’ data.

Adobe Commerce 2.4.8 introduces significant security advances centred around authentication, encryption, and data integrity. The Duo Security two-factor authentication (2FA) implementation has been updated to use the latest Web SDK v4, facilitating a seamless transition to Duo Universal Prompt. Encryption key management has been redesigned to improve usability and eliminate past limitations, introducing new CLI commands for key changes and re-encryption of sensitive data. These improvements collectively strengthen the security posture of Magento stores.

Several security patch versions have been launched, and the latest one is version 2.4.7, released through a series of incremental updates that culminate in version 2.4.7-p5. Enhancements include improved encryption key management via new CLI commands and updates to core dependencies like TinyMCE and Require.js to mitigate known security issues. This update also introduces support for the Adobe Commerce HIPAA-ready extension and implements compliance measures for payment gateways, such as ensuring adherence to the latest VISA 3DS mandates through Braintree integration. Overall, these security patches reinforce Adobe Commerce’s commitment to providing a secure, reliable, and compliant eCommerce platform for merchants.

What’s new in Magento Open Source 2.4.8

Magento Open Source 2.4.8 brings a host of valuable updates designed to improve the shopping experience, streamline operations, and enhance overall platform security. Key updates include framework, APIs and security advancements, and bug fixes.

Framework enhancements

Magento Open Source 2.4.8 introduces several framework enhancements designed to improve stability, performance, and compatibility. Core Composer dependencies, including league/flysystem, php-amqplib/php-amqplib, monolog/monolog, wikimedia/less.php, jquery/validate, and moment.js, have been updated to their latest versions. 

The jQuery file uploader was replaced with the Uppy library, and the ExtJS folder was removed as functionality migrated to jsTree. Database compatibility has been expanded to include MySQL 8.4 LTS and MariaDB 11.4 LTS. 

API improvements and fixes

• REST API: Resolved several issues related to special characters in category URLs, SKU with slashes, and improved error handling for asynchronous product saves.
• GraphQL API: Fixes related to integer values when executing a GraphQL query.
• Tier Price API: Improved efficiency of bulk updates to tier prices via the REST API to prevent performance issues and site unresponsiveness.

Bug fixes and stability

This release addresses 497 issues, reflecting a significant commitment to improving the platform's stability and functionality. Notable fixes include correcting the application logic for coupon codes in the cart, ensuring proper handling of product images with capital letter file extensions, and addressing errors in customer address forms when the region field is not displayed. Additionally, the update also resolves a Content Security Policy (CSP) issue that blocked PayPal Paylater fonts, ensuring proper display.

Learn more: Magento Open Source 2.4.8 release notes.

Adobe Commerce 2.4.8 release schedule

Adobe Commerce 2.4.8 was first available as a beta version on October 8, 2024, followed by its official launch on April 8, 2025. Its patch release schedule is shown as follows:

Here are the recent Adobe Commerce releases and their corresponding end-of-support dates to assist you in planning upgrades and ensuring continued stability and security for your eCommerce platform.

Learn more: If you are unsure of the Adobe Commerce version you are using, consult our comprehensive guide on how to check Magento version.

Preparing for the Adobe Commerce 2.4.8 upgrade

We recommend that all Magento merchants plan their upgrade to version 2.4.8 as part of a broader strategy to optimise their eCommerce environment. Here are some tips to ensure a smooth transition:

• Update your server’s PHP version: Magento 2.4.8 does not support PHP 8.1 or earlier – you must be running PHP 8.2 or 8.3 before upgrading, and it is compatible with PHP 8.4 as well​.
• Set up OpenSearch 2.19 before upgrading: Sites using Elasticsearch need to migrate to OpenSearch as Elasticsearch is no longer supported in the new version of Magento.
• Backup your store: Always perform a full backup before upgrading to prevent data loss.
• Test in a staging environment: Validate the upgrade on a staging site first to identify and address any compatibility issues with your themes or integrations.
• Engage experienced developers: Work with certified Magento experts to ensure a seamless upgrade process and ongoing maintenance.
• Track performance post-launch: After the upgrade, monitor the website's performance to ensure there are no slowdowns or other issues. Optimise the system as needed to maintain optimal speed and responsiveness.

Making the most of Magento 2.4.8

In general, Adobe Commerce/Magento 2.4.8 offers valuable improvements that can help merchants strengthen security, boost performance, and streamline operations. Key updates include improved GraphQL API functionalities (especially for cart/checkout, customer management, and orders), enhanced Braintree integration with express payment options, and refined error handling throughout. Upgrading to this latest version is a smart move for businesses aiming to enhance their eCommerce capabilities and provide exceptional customer experiences.

Magento 2.4.8 is a highly recommended upgrade for all Magento Open Source and Adobe Commerce users who want to keep their stores secure, fast, and feature-rich. If you’re considering upgrading your Adobe Commerce/Magento Open Source store or adopting Adobe Commerce as a Cloud Service platform, On Tap is here to help. Contact us today to discuss how we can support your Adobe Commerce/Magento 2.4.8 upgrades and innovative solutions that can transform your online business.