Adobe Security Vulnerabilities (CVEs)
Track 1,274 security vulnerabilities affecting Adobe products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
Adobe Framemaker versions 2020.8, 2022.6 and earlier contain a heap-based buffer overflow vulnerability that allows arbitrary code execution when a us...
Apr 8, 2025Adobe Framemaker versions 2020.8, 2022.6 and earlier contain a NULL pointer dereference vulnerability that allows attackers to cause denial-of-service...
Apr 8, 2025Adobe Framemaker versions 2020.8, 2022.6 and earlier contain an out-of-bounds read vulnerability that could allow attackers to read sensitive memory c...
Apr 8, 2025Adobe Framemaker versions 2020.8, 2022.6 and earlier contain an out-of-bounds write vulnerability that could allow arbitrary code execution when a use...
Apr 8, 2025Adobe Framemaker versions 2020.8, 2022.6 and earlier contain a heap-based buffer overflow vulnerability that could allow attackers to execute arbitrar...
Apr 8, 2025Adobe Framemaker versions 2020.8, 2022.6 and earlier contain an out-of-bounds write vulnerability that could allow attackers to execute arbitrary code...
Apr 8, 2025Adobe Experience Manager Screens versions FP11.3 and earlier contain a stored cross-site scripting vulnerability that allows low-privileged attackers ...
Apr 8, 2025CVE-2025-27195 is a heap-based buffer overflow vulnerability in Adobe Media Encoder that could allow arbitrary code execution when a user opens a mali...
Apr 8, 2025A heap-based buffer overflow vulnerability in Adobe Photoshop allows attackers to execute arbitrary code when a user opens a malicious file. This affe...
Apr 8, 2025Adobe Animate versions 24.0.7, 23.0.10 and earlier contain a use-after-free vulnerability that could allow arbitrary code execution when a user opens ...
Apr 8, 2025Adobe Animate versions 24.0.7, 23.0.10 and earlier contain an out-of-bounds read vulnerability that could allow attackers to read sensitive memory con...
Apr 8, 2025CVE-2025-27184 is an out-of-bounds read vulnerability in Adobe After Effects that could allow an attacker to read sensitive memory contents. This coul...
Apr 8, 2025Adobe After Effects versions 25.1, 24.6.4 and earlier contain an out-of-bounds read vulnerability that could allow attackers to read sensitive memory ...
Apr 8, 2025CVE-2025-27193 is a heap-based buffer overflow vulnerability in Adobe Bridge that could allow arbitrary code execution when a user opens a malicious f...
Apr 8, 2025CVE-2025-27182 is an out-of-bounds write vulnerability in Adobe After Effects that could allow arbitrary code execution when a user opens a malicious ...
Apr 8, 2025Adobe Experience Manager versions 6.5.21 and earlier contain a DOM-based cross-site scripting vulnerability that allows low-privileged attackers to ex...
Mar 19, 2025This DOM-based Cross-Site Scripting (XSS) vulnerability in Adobe Experience Manager allows attackers to inject malicious scripts that execute in victi...
Mar 19, 2025Substance3D Modeler versions 1.15.0 and earlier contain a NULL pointer dereference vulnerability that allows attackers to crash the application by tri...
Mar 11, 2025CVE-2025-27173 is a heap-based buffer overflow vulnerability in Substance3D Modeler that allows arbitrary code execution when a user opens a malicious...
Mar 11, 2025CVE-2025-27180 is an out-of-bounds read vulnerability in Substance3D Modeler that could allow an attacker to read sensitive memory contents when a vic...
Mar 11, 2025CVE-2025-27181 is a use-after-free vulnerability in Substance3D Modeler that could allow arbitrary code execution when a user opens a malicious file. ...
Mar 11, 2025CVE-2025-27172 is an out-of-bounds write vulnerability in Substance3D Designer that could allow arbitrary code execution when a user opens a malicious...
Mar 11, 2025CVE-2025-21169 is a heap-based buffer overflow vulnerability in Substance3D Designer that could allow arbitrary code execution when a user opens a mal...
Mar 11, 2025CVE-2025-24434 is an incorrect authorization vulnerability in Adobe Commerce that allows attackers to bypass security controls and escalate privileges...
Feb 11, 2025Adobe Commerce has an incorrect authorization vulnerability that allows low-privileged attackers to bypass security features and view select informati...
Feb 11, 2025A stored Cross-Site Scripting (XSS) vulnerability in Adobe Commerce allows low-privileged attackers to inject malicious JavaScript into vulnerable for...
Feb 11, 2025CVE-2025-24427 is an improper access control vulnerability in Adobe Commerce that allows low-privileged attackers to bypass security measures and gain...
Feb 11, 2025Adobe Commerce has an incorrect authorization vulnerability that allows low-privileged attackers to bypass security features and read select data with...
Feb 11, 2025Adobe Commerce has an improper access control vulnerability (CWE-284) that allows low-privileged attackers to escalate privileges and modify select da...
Feb 11, 2025This CVE describes a business logic error in Adobe Commerce that allows attackers to bypass security features and modify limited data without user int...
Feb 11, 2025A stored Cross-Site Scripting (XSS) vulnerability in Adobe Commerce allows low-privileged attackers to inject malicious JavaScript into vulnerable for...
Feb 11, 2025A stored Cross-Site Scripting (XSS) vulnerability in Adobe Commerce allows low-privileged attackers to inject malicious scripts into form fields. When...
Feb 11, 2025CVE-2025-24418 is an improper authorization vulnerability in Adobe Commerce that allows low-privileged attackers to bypass security controls and escal...
Feb 11, 2025CVE-2025-24419 is an incorrect authorization vulnerability in Adobe Commerce that allows low-privileged attackers to bypass security features and modi...
Feb 11, 2025A stored Cross-Site Scripting (XSS) vulnerability in Adobe Commerce allows low-privileged attackers to inject malicious JavaScript into vulnerable for...
Feb 11, 2025Adobe Commerce has an improper access control vulnerability that allows low-privileged attackers to bypass security measures and gain unauthorized acc...
Feb 11, 2025A stored Cross-Site Scripting (XSS) vulnerability in Adobe Commerce allows low-privileged attackers to inject malicious JavaScript into vulnerable for...
Feb 11, 2025A stored cross-site scripting (XSS) vulnerability in Adobe Commerce allows low-privileged attackers to inject malicious scripts into vulnerable form f...
Feb 11, 2025A stored Cross-Site Scripting (XSS) vulnerability in Adobe Commerce allows low-privileged attackers to inject malicious JavaScript into vulnerable for...
Feb 11, 2025A stored Cross-Site Scripting (XSS) vulnerability in Adobe Commerce allows low-privileged attackers to inject malicious JavaScript into vulnerable for...
Feb 11, 2025This CVE describes a path traversal vulnerability in Adobe Commerce that allows unauthenticated attackers to modify files outside restricted directori...
Feb 11, 2025Adobe Commerce has an incorrect authorization vulnerability (CWE-863) that allows low-privileged attackers to bypass security features and perform una...
Feb 11, 2025Adobe Commerce has an information exposure vulnerability that allows low-privileged attackers to access sensitive data without user interaction. This ...
Feb 11, 2025This CVE describes an incorrect authorization vulnerability in Adobe Commerce that allows attackers to bypass security measures and gain unauthorized ...
Feb 11, 2025Adobe Illustrator versions 29.1, 28.7.3 and earlier contain an integer underflow vulnerability that could allow arbitrary code execution when a user o...
Feb 11, 2025CVE-2025-21161 is an out-of-bounds write vulnerability in Substance3D Designer that could allow arbitrary code execution when a user opens a malicious...
Feb 11, 2025Photoshop Elements 2025.0 and earlier versions contain a vulnerability where temporary files are created with insecure permissions, allowing local pri...
Feb 11, 2025A stack-based buffer overflow vulnerability in Adobe Illustrator allows attackers to execute arbitrary code when a user opens a malicious file. This a...
Feb 11, 2025An integer underflow vulnerability in Adobe InCopy allows arbitrary code execution when a user opens a malicious file. This affects users of InCopy ve...
Feb 11, 2025Adobe Illustrator versions 29.1, 28.7.3 and earlier contain a use-after-free vulnerability that could allow attackers to execute arbitrary code when a...
Feb 11, 2025Why Monitor Adobe Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 1,274+ known vulnerabilities affecting Adobe products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Adobe packages in under 60 seconds. No agents required - completely agentless scanning that works across Adobe deployments.
Free vulnerability database: Access detailed information about every Adobe CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Adobe CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
