Login Sign Up

Adobe Security Vulnerabilities (CVEs)

Track 1,254 security vulnerabilities affecting Adobe products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.

52 Critical
688 High
512 Medium
2 Low
🔔 Get Alerts for Adobe
CVE-2025-64622 5.4

Adobe Experience Manager versions 6.5.23 and earlier contain a stored cross-site scripting vulnerability in form fields. Low-privileged attackers can ...

Dec 10, 2025
CVE-2025-64553 5.4

Adobe Experience Manager versions 6.5.23 and earlier contain a stored Cross-Site Scripting (XSS) vulnerability that allows low-privileged attackers to...

Dec 10, 2025
CVE-2025-64546 5.4

Adobe Experience Manager versions 6.5.23 and earlier contain a stored cross-site scripting vulnerability in form fields. Low-privileged attackers can ...

Dec 10, 2025
CVE-2025-64547 5.4

This stored XSS vulnerability in Adobe Experience Manager allows low-privileged attackers to inject malicious JavaScript into form fields. When victim...

Dec 10, 2025
CVE-2025-64548 5.4

Adobe Experience Manager versions 6.5.23 and earlier contain a stored cross-site scripting vulnerability that allows low-privileged attackers to injec...

Dec 10, 2025
CVE-2025-64549 5.4

This stored XSS vulnerability in Adobe Experience Manager allows low-privileged attackers to inject malicious JavaScript into form fields. When victim...

Dec 10, 2025
CVE-2025-64550 5.4

Adobe Experience Manager versions 6.5.23 and earlier contain a DOM-based Cross-Site Scripting vulnerability that allows low-privileged attackers to ex...

Dec 10, 2025
CVE-2025-64551 5.4

This DOM-based XSS vulnerability in Adobe Experience Manager allows low-privileged attackers to execute malicious JavaScript in victims' browsers when...

Dec 10, 2025
CVE-2025-64538 9.3

Adobe Experience Manager versions 6.5.23 and earlier contain a DOM-based Cross-Site Scripting vulnerability that allows attackers to execute arbitrary...

Dec 10, 2025
CVE-2025-64539 9.3

Adobe Experience Manager versions 6.5.23 and earlier contain a DOM-based Cross-Site Scripting vulnerability that allows attackers to execute arbitrary...

Dec 10, 2025
CVE-2025-64541 5.4

This stored Cross-Site Scripting (XSS) vulnerability in Adobe Experience Manager allows low-privileged attackers to inject malicious JavaScript into v...

Dec 10, 2025
CVE-2025-64543 5.4

Adobe Experience Manager versions 6.5.23 and earlier contain a DOM-based Cross-Site Scripting vulnerability that allows low-privileged attackers to ex...

Dec 10, 2025
CVE-2025-64544 5.4

Adobe Experience Manager versions 6.5.23 and earlier contain a DOM-based cross-site scripting vulnerability that allows low-privileged attackers to ex...

Dec 10, 2025
CVE-2025-64545 5.4

Adobe Experience Manager versions 6.5.23 and earlier contain a DOM-based Cross-Site Scripting vulnerability that allows low-privileged attackers to ex...

Dec 10, 2025
CVE-2025-64537 9.3

Adobe Experience Manager versions 6.5.23 and earlier contain a DOM-based Cross-Site Scripting vulnerability that allows attackers to execute arbitrary...

Dec 10, 2025
CVE-2025-61821 6.8

This XXE vulnerability in ColdFusion allows attackers to read arbitrary files from the server's filesystem without user interaction. It affects ColdFu...

Dec 10, 2025
CVE-2025-61822 6.2

This CVE describes an Improper Input Validation vulnerability in Adobe ColdFusion that allows attackers to write arbitrary files to the file system wi...

Dec 10, 2025
CVE-2025-61823 6.2

This XXE vulnerability in Adobe ColdFusion allows high-privileged attackers to read arbitrary files from the server filesystem when they can submit ma...

Dec 10, 2025
CVE-2025-64897 5.6

This CVE describes an Improper Access Control vulnerability in Adobe ColdFusion where low-privileged authenticated users can bypass security controls ...

Dec 10, 2025
CVE-2025-64898 4.3

ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier have an insufficient credential protection vulnerability that allows attackers to gain unauth...

Dec 10, 2025
CVE-2025-61808 9.1

This vulnerability allows high-privileged attackers to upload dangerous file types to ColdFusion servers without authentication, potentially leading t...

Dec 10, 2025
CVE-2025-61809 9.1

This CVE describes an Improper Input Validation vulnerability in Adobe ColdFusion that allows attackers to bypass security measures and gain unauthori...

Dec 10, 2025
CVE-2025-61810 8.4

This vulnerability allows attackers to execute arbitrary code on ColdFusion servers by sending malicious serialized data. It affects ColdFusion 2025.4...

Dec 10, 2025
CVE-2025-61811 9.1

This CVE describes an Improper Access Control vulnerability in Adobe ColdFusion that allows high-privileged attackers to bypass security controls and ...

Dec 10, 2025
CVE-2025-61812 8.4

This CVE describes an improper input validation vulnerability in Adobe ColdFusion that allows high-privileged attackers to execute arbitrary code with...

Dec 10, 2025
CVE-2025-61813 8.2

This XXE vulnerability in Adobe ColdFusion allows attackers to read arbitrary files from the server filesystem without authentication. All ColdFusion ...

Dec 10, 2025
CVE-2025-64786 3.3

Acrobat Reader has an improper cryptographic signature verification vulnerability that allows attackers to bypass security features and gain limited u...

Dec 9, 2025
CVE-2025-64787 3.3

This CVE describes an Improper Verification of Cryptographic Signature vulnerability in Adobe Acrobat Reader that allows attackers to bypass cryptogra...

Dec 9, 2025
CVE-2025-64896 5.5

Creative Cloud Desktop versions 6.4.0.361 and earlier contain a vulnerability where temporary files are created with incorrect permissions. An attacke...

Dec 9, 2025
CVE-2025-64899 7.8

This CVE describes an out-of-bounds read vulnerability in Adobe Acrobat Reader that could allow an attacker to execute arbitrary code in the context o...

Dec 9, 2025
CVE-2025-64785 7.8

This CVE describes an untrusted search path vulnerability in Adobe Acrobat Reader that allows attackers to execute arbitrary code without user interac...

Dec 9, 2025
CVE-2025-64783 7.8

CVE-2025-64783 is an integer overflow vulnerability in Adobe DNG SDK versions 1.7.0 and earlier that allows arbitrary code execution when a user opens...

Dec 9, 2025
CVE-2025-64784 7.1

CVE-2025-64784 is a heap-based buffer overflow vulnerability in DNG SDK versions 1.7.0 and earlier, allowing attackers to disclose sensitive memory in...

Dec 9, 2025
CVE-2025-64893 7.1

CVE-2025-64893 is an out-of-bounds read vulnerability in Adobe DNG SDK versions 1.7.0 and earlier. Attackers can exploit this by tricking users into o...

Dec 9, 2025
CVE-2025-64894 5.5

CVE-2025-64894 is an integer overflow vulnerability in DNG SDK versions 1.7.0 and earlier that allows attackers to cause denial-of-service by tricking...

Dec 9, 2025
CVE-2025-64531 7.8

A use-after-free vulnerability in Substance3D Stager versions 3.1.5 and earlier allows attackers to execute arbitrary code when a user opens a malicio...

Nov 11, 2025
CVE-2025-61833 7.8

CVE-2025-61833 is an out-of-bounds read vulnerability in Substance3D Stager that could allow arbitrary code execution when a user opens a malicious fi...

Nov 11, 2025
CVE-2025-61834 7.8

CVE-2025-61834 is a use-after-free vulnerability in Substance3D Stager that could allow arbitrary code execution when a user opens a malicious file. T...

Nov 11, 2025
CVE-2025-61835 7.8

Substance3D Stager versions 3.1.5 and earlier contain an integer underflow vulnerability that could allow arbitrary code execution when a user opens a...

Nov 11, 2025
CVE-2025-61842 5.5

Format Plugins versions 1.1.1 and earlier contain a Use After Free vulnerability that could allow memory exposure when processing malicious files. An ...

Nov 11, 2025
CVE-2025-61843 5.5

Format Plugins versions 1.1.1 and earlier contain an out-of-bounds read vulnerability that could allow attackers to read sensitive information from me...

Nov 11, 2025
CVE-2025-61844 5.5

Format Plugins versions 1.1.1 and earlier contain an out-of-bounds read vulnerability that could allow attackers to read sensitive information from me...

Nov 11, 2025
CVE-2025-61845 5.5

Format Plugins versions 1.1.1 and earlier contain an out-of-bounds read vulnerability that could allow memory exposure. Attackers could exploit this b...

Nov 11, 2025
CVE-2025-61837 7.8

Format Plugins versions 1.1.1 and earlier contain a heap-based buffer overflow vulnerability that allows attackers to execute arbitrary code when a us...

Nov 11, 2025
CVE-2025-61838 7.8

Format Plugins versions 1.1.1 and earlier contain a heap-based buffer overflow vulnerability that could allow arbitrary code execution when a user ope...

Nov 11, 2025
CVE-2025-61839 7.8

Format Plugins versions 1.1.1 and earlier contain an out-of-bounds read vulnerability when parsing malicious files. An attacker could exploit this to ...

Nov 11, 2025
CVE-2025-61840 5.5

Format Plugins versions 1.1.1 and earlier contain an out-of-bounds read vulnerability that could allow attackers to read sensitive information from me...

Nov 11, 2025
CVE-2025-61841 5.5

Format Plugins versions 1.1.1 and earlier contain an out-of-bounds read vulnerability that could allow attackers to access sensitive memory informatio...

Nov 11, 2025
CVE-2025-61826 7.8

Adobe Illustrator on iPad versions 3.0.9 and earlier contain an integer underflow vulnerability that could allow attackers to execute arbitrary code w...

Nov 11, 2025
CVE-2025-61827 7.8

Adobe Illustrator on iPad versions 3.0.9 and earlier contain a heap-based buffer overflow vulnerability that could allow attackers to execute arbitrar...

Nov 11, 2025

Why Monitor Adobe Security Vulnerabilities?

Real-time CVE tracking: Our automated system monitors 1,254+ known vulnerabilities affecting Adobe products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.

Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Adobe packages in under 60 seconds. No agents required - completely agentless scanning that works across Adobe deployments.

Free vulnerability database: Access detailed information about every Adobe CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.

🚀 Get Started in 60 Seconds

  • Register free account & add your servers
  • Run one-time scan or schedule automatic monitoring (every 1-24 hours)
  • Receive instant alerts when new Adobe CVEs affect your systems
  • Access dashboard with severity breakdown & fix instructions
Start Monitoring Adobe CVEs Free