Adobe Security Vulnerabilities (CVEs)
Track 1,254 security vulnerabilities affecting Adobe products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
Substance3D Modeler versions 1.22.5 and earlier contain an out-of-bounds read vulnerability that could allow memory exposure. An attacker could exploi...
Feb 10, 2026Lightroom Desktop versions 15.1 and earlier contain an out-of-bounds write vulnerability that could allow attackers to execute arbitrary code when use...
Feb 10, 2026CVE-2026-21354 is an integer overflow vulnerability in Adobe DNG SDK versions 1.7.1 2410 and earlier. Attackers can craft malicious DNG files that cau...
Feb 10, 2026CVE-2026-21352 is an out-of-bounds write vulnerability in Adobe DNG SDK versions 1.7.1 2410 and earlier that could allow arbitrary code execution when...
Feb 10, 2026CVE-2026-21345 is an out-of-bounds read vulnerability in Substance3D Stager that could allow arbitrary code execution when a user opens a malicious fi...
Feb 10, 2026CVE-2026-21346 is an out-of-bounds write vulnerability in Adobe Bridge that could allow arbitrary code execution when a user opens a malicious file. T...
Feb 10, 2026Adobe Bridge versions 15.1.3, 16.0.1 and earlier contain an integer overflow vulnerability that could allow arbitrary code execution when a user opens...
Feb 10, 2026Substance3D Stager versions 3.1.6 and earlier contain an out-of-bounds read vulnerability when parsing malicious files. An attacker could exploit this...
Feb 10, 2026CVE-2026-21341 is an out-of-bounds write vulnerability in Substance3D Stager that could allow arbitrary code execution when a user opens a malicious f...
Feb 10, 2026Substance3D Designer versions 15.1.0 and earlier contain an out-of-bounds read vulnerability that could allow memory exposure. Attackers could exploit...
Feb 10, 2026Substance3D Designer versions 15.1.0 and earlier contain an out-of-bounds read vulnerability that could allow memory exposure. An attacker could explo...
Feb 10, 2026Adobe After Effects versions 25.6 and earlier contain a NULL pointer dereference vulnerability that allows attackers to crash the application by trick...
Feb 10, 2026Adobe After Effects versions 25.6 and earlier contain a use-after-free vulnerability that could allow attackers to execute arbitrary code on a victim'...
Feb 10, 2026This CVE describes a heap-based buffer overflow vulnerability in Adobe InDesign that could allow an attacker to execute arbitrary code with the privil...
Feb 10, 2026Substance3D Designer versions 15.1.0 and earlier contain an out-of-bounds write vulnerability that allows arbitrary code execution when a user opens a...
Feb 10, 2026CVE-2026-21337 is an out-of-bounds read vulnerability in Substance3D Designer that could allow memory exposure when processing malicious files. Attack...
Feb 10, 2026Substance3D Designer versions 15.1.0 and earlier contain a NULL pointer dereference vulnerability that allows attackers to crash the application by tr...
Feb 10, 2026CVE-2026-21324 is an out-of-bounds read vulnerability in Adobe After Effects that could allow an attacker to execute arbitrary code in the context of ...
Feb 10, 2026CVE-2026-21325 is an out-of-bounds read vulnerability in Adobe After Effects that could allow arbitrary code execution when a user opens a malicious f...
Feb 10, 2026Adobe After Effects versions 25.6 and earlier contain a use-after-free vulnerability that could allow attackers to execute arbitrary code on a victim'...
Feb 10, 2026Adobe After Effects versions 25.6 and earlier contain an out-of-bounds write vulnerability that could allow attackers to execute arbitrary code on a v...
Feb 10, 2026CVE-2026-21329 is a use-after-free vulnerability in Adobe After Effects that could allow arbitrary code execution when a user opens a malicious file. ...
Feb 10, 2026Adobe After Effects versions 25.6 and earlier contain a type confusion vulnerability that could allow arbitrary code execution when a user opens a mal...
Feb 10, 2026CVE-2026-21318 is an out-of-bounds write vulnerability in Adobe After Effects that could allow arbitrary code execution when a user opens a malicious ...
Feb 10, 2026Adobe After Effects versions 25.6 and earlier contain a use-after-free vulnerability that could allow an attacker to execute arbitrary code on a victi...
Feb 10, 2026CVE-2026-21322 is an out-of-bounds read vulnerability in Adobe After Effects that could allow arbitrary code execution when a user opens a malicious f...
Feb 10, 2026Adobe After Effects versions 25.6 and earlier contain a use-after-free vulnerability that could allow attackers to execute arbitrary code on a victim'...
Feb 10, 2026Adobe Audition versions 25.3 and earlier contain an out-of-bounds write vulnerability that could allow attackers to execute arbitrary code when a user...
Feb 10, 2026Adobe Audition versions 25.3 and earlier contain an out-of-bounds read vulnerability that could allow attackers to read sensitive information from mem...
Feb 10, 2026Adobe Audition versions 25.3 and earlier contain a buffer overflow vulnerability that allows attackers to cause denial-of-service by crashing the appl...
Feb 10, 2026CVE-2026-21287 is a use-after-free vulnerability in Substance3D Stager that allows arbitrary code execution when a user opens a malicious file. This a...
Jan 13, 2026Substance3D Painter versions 11.0.3 and earlier contain an out-of-bounds write vulnerability that could allow attackers to execute arbitrary code on a...
Jan 13, 2026CVE-2026-21306 is an out-of-bounds write vulnerability in Substance3D Sampler that could allow arbitrary code execution when a user opens a malicious ...
Jan 13, 2026CVE-2026-21307 is an out-of-bounds write vulnerability in Substance3D Designer that could allow arbitrary code execution when a user opens a malicious...
Jan 13, 2026Substance3D Designer versions 15.0.3 and earlier contain an out-of-bounds read vulnerability that could allow memory disclosure. Attackers could explo...
Jan 13, 2026Adobe Bridge versions 15.1.2, 16.0 and earlier contain a heap-based buffer overflow vulnerability that could allow arbitrary code execution when a use...
Jan 13, 2026Adobe Illustrator versions 29.8.3, 30.0 and earlier contain a NULL pointer dereference vulnerability that allows attackers to crash the application by...
Jan 13, 2026CVE-2026-21304 is a heap-based buffer overflow vulnerability in Adobe InDesign that could allow attackers to execute arbitrary code when a user opens ...
Jan 13, 2026Adobe InDesign versions 21.0, 19.5.5 and earlier contain an uninitialized pointer access vulnerability that allows arbitrary code execution when a use...
Jan 13, 2026Adobe InDesign has an uninitialized pointer access vulnerability that allows arbitrary code execution when a user opens a malicious file. This affects...
Jan 13, 2026This CVE describes a heap-based buffer overflow vulnerability in Adobe InDesign that could allow attackers to execute arbitrary code when a user opens...
Jan 13, 2026Adobe InDesign versions 21.0, 19.5.5 and earlier contain an out-of-bounds read vulnerability that could allow attackers to access sensitive informatio...
Jan 13, 2026This CVE describes an untrusted search path vulnerability in Adobe Illustrator that could allow arbitrary code execution when a user opens a malicious...
Jan 13, 2026A heap-based buffer overflow vulnerability in Adobe InCopy allows arbitrary code execution when a user opens a malicious file. This affects users runn...
Jan 13, 2026This CVE describes an OS command injection vulnerability in Adobe Dreamweaver Desktop versions 21.6 and earlier. Attackers can execute arbitrary code ...
Jan 13, 2026Adobe Dreamweaver versions 21.6 and earlier contain an improper input validation vulnerability that allows arbitrary code execution when a user opens ...
Jan 13, 2026CVE-2026-21271 is an Improper Input Validation vulnerability in Adobe Dreamweaver Desktop versions 21.6 and earlier that allows arbitrary code executi...
Jan 13, 2026Adobe Dreamweaver versions 21.6 and earlier contain an improper input validation vulnerability that allows arbitrary file system writes when a user op...
Jan 13, 2026An incorrect authorization vulnerability in Adobe Dreamweaver Desktop allows attackers to execute arbitrary code with the current user's privileges. U...
Jan 13, 2026Adobe Experience Manager versions 6.5.23 and earlier contain a stored Cross-Site Scripting vulnerability that allows low-privileged attackers to injec...
Dec 10, 2025Why Monitor Adobe Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 1,254+ known vulnerabilities affecting Adobe products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Adobe packages in under 60 seconds. No agents required - completely agentless scanning that works across Adobe deployments.
Free vulnerability database: Access detailed information about every Adobe CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Adobe CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
