Adobe Security Vulnerabilities (CVEs)
Track 1,274 security vulnerabilities affecting Adobe products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
CVE-2025-46840 is an improper authorization vulnerability in Adobe Experience Manager that allows low-privileged attackers to bypass security controls...
Jun 10, 2025Adobe Experience Manager versions 6.5.22 and earlier contain a stored XSS vulnerability where low-privileged attackers can inject malicious scripts in...
Jun 10, 2025This stored XSS vulnerability in Adobe Experience Manager allows low-privileged attackers to inject malicious JavaScript into form fields. When victim...
Jun 10, 2025Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier contain an information exposure vulnerability that could allow attackers ...
Jun 10, 2025CVE-2025-47107 is a heap-based buffer overflow vulnerability in Adobe InCopy that could allow arbitrary code execution when a user opens a malicious f...
Jun 10, 2025This CVE describes an out-of-bounds read vulnerability in Adobe Acrobat Reader that could allow an attacker to read sensitive memory contents. If expl...
Jun 10, 2025A use-after-free vulnerability in Adobe Acrobat Reader allows arbitrary code execution when a user opens a malicious PDF file. This affects users runn...
Jun 10, 2025Adobe Acrobat Reader has an out-of-bounds write vulnerability that allows arbitrary code execution when a user opens a malicious PDF file. This affect...
Jun 10, 2025A use-after-free vulnerability in Adobe Acrobat Reader allows arbitrary code execution when a user opens a malicious PDF file. This affects users runn...
Jun 10, 2025An integer overflow vulnerability in Adobe InCopy allows arbitrary code execution when a user opens a malicious file. This affects users of InCopy ver...
Jun 10, 2025CVE-2025-43581 is an out-of-bounds write vulnerability in Substance3D Sampler versions 5.0 and earlier that could allow arbitrary code execution when ...
Jun 10, 2025CVE-2025-47108 is an out-of-bounds write vulnerability in Substance3D Painter that could allow arbitrary code execution when a user opens a malicious ...
Jun 10, 2025Adobe InDesign has an out-of-bounds read vulnerability that could allow attackers to read sensitive memory contents when users open malicious files. T...
Jun 10, 2025Adobe InDesign has an out-of-bounds write vulnerability that allows arbitrary code execution when a user opens a malicious file. This affects users of...
Jun 10, 2025Adobe InDesign has a use-after-free vulnerability that allows arbitrary code execution when a user opens a malicious file. This affects users running ...
Jun 10, 2025Adobe InDesign has a NULL pointer dereference vulnerability that allows attackers to cause application crashes via malicious files. Users must open a ...
Jun 10, 2025Adobe Commerce has an improper authorization vulnerability that allows attackers to bypass security measures and gain unauthorized access. This affect...
Jun 10, 2025This CVE describes an Improper Access Control vulnerability in Adobe Commerce that allows attackers to bypass security measures and gain limited write...
Jun 10, 2025CVE-2025-43571 is a use-after-free vulnerability in Substance3D Stager that could allow arbitrary code execution when a user opens a malicious file. T...
May 13, 2025This CVE describes an incorrect authorization vulnerability in Adobe ColdFusion that allows high-privileged attackers to bypass security controls and ...
May 13, 2025Adobe Connect versions 12.8 and earlier contain a reflected Cross-Site Scripting (XSS) vulnerability where attackers can inject malicious scripts into...
May 13, 2025CVE-2025-43569 is an out-of-bounds write vulnerability in Substance3D Stager that allows arbitrary code execution when a user opens a malicious file. ...
May 13, 2025Substance3D Stager versions 3.1.1 and earlier contain an out-of-bounds read vulnerability that could allow attackers to read sensitive memory contents...
May 13, 2025CVE-2025-43553 is an uncontrolled search path vulnerability in Substance3D Modeler that allows attackers to execute arbitrary code by tricking users i...
May 13, 2025This CVE describes an improper input validation vulnerability in Adobe ColdFusion that allows authenticated high-privileged attackers to execute arbit...
May 13, 2025This CVE describes an incorrect authorization vulnerability in Adobe ColdFusion that allows high-privileged attackers to bypass authentication mechani...
May 13, 2025This CVE describes an Improper Access Control vulnerability in Adobe ColdFusion that allows high-privileged attackers to read arbitrary files from the...
May 13, 2025Adobe Dimension versions 4.1.2 and earlier contain an out-of-bounds write vulnerability that could allow arbitrary code execution when a user opens a ...
May 13, 2025Adobe Connect versions 12.8 and earlier contain a stored Cross-Site Scripting vulnerability where attackers can inject malicious JavaScript into form ...
May 13, 2025Adobe Connect versions 12.8 and earlier contain a stored Cross-Site Scripting vulnerability that allows low-privileged attackers to inject malicious J...
May 13, 2025Adobe Bridge versions 15.0.3, 14.1.6 and earlier contain an integer underflow vulnerability that could allow arbitrary code execution when a user open...
May 13, 2025An integer underflow vulnerability in Adobe Animate allows arbitrary code execution when a user opens a malicious file. This affects users of Adobe An...
May 13, 2025Adobe Animate versions 24.0.8, 23.0.11 and earlier contain an uninitialized pointer access vulnerability that could allow arbitrary code execution whe...
May 13, 2025A heap-based buffer overflow vulnerability in Adobe Illustrator allows attackers to execute arbitrary code when a user opens a malicious file. This af...
May 13, 2025CVE-2025-30322 is an out-of-bounds write vulnerability in Substance3D Painter that could allow arbitrary code execution when a user opens a malicious ...
May 13, 2025An integer overflow vulnerability in Adobe Photoshop allows arbitrary code execution when a user opens a malicious file. This affects Photoshop Deskto...
May 13, 2025Adobe Animate versions 24.0.8, 23.0.11 and earlier contain an out-of-bounds write vulnerability that could allow attackers to execute arbitrary code o...
May 13, 2025This CVE describes an out-of-bounds write vulnerability in Adobe InDesign that could allow arbitrary code execution when a user opens a malicious file...
May 13, 2025Adobe InDesign versions ID19.5.2, ID20.2 and earlier contain a NULL pointer dereference vulnerability that allows attackers to cause denial-of-service...
May 13, 2025CVE-2025-27188 is an improper authorization vulnerability in Adobe Commerce that allows attackers to bypass security controls and escalate privileges ...
Apr 8, 2025This CVE describes an Improper Access Control vulnerability in Adobe Commerce that allows attackers to bypass security measures and gain unauthorized ...
Apr 8, 2025This CVE describes an information exposure vulnerability in Adobe ColdFusion that allows low-privileged local attackers to access sensitive informatio...
Apr 8, 2025This CVE describes an Improper Input Validation vulnerability in Adobe ColdFusion that allows high-privileged attackers to bypass security protections...
Apr 8, 2025This CVE describes a deserialization vulnerability in Adobe ColdFusion that allows arbitrary code execution when untrusted data is processed. Attacker...
Apr 8, 2025This CVE describes an improper authentication vulnerability in Adobe ColdFusion that allows low-privileged local attackers to bypass security controls...
Apr 8, 2025This CVE describes an OS command injection vulnerability in Adobe ColdFusion that allows authenticated attackers with local access to execute arbitrar...
Apr 8, 2025This CVE describes an improper authentication vulnerability in Adobe ColdFusion that allows high-privileged attackers to bypass authentication mechani...
Apr 8, 2025This CVE describes a deserialization vulnerability in Adobe ColdFusion that allows attackers to execute arbitrary code without user interaction. Syste...
Apr 8, 2025XMP Toolkit versions 2023.12 and earlier contain an out-of-bounds read vulnerability that could allow attackers to read sensitive memory contents. Thi...
Apr 8, 2025XMP Toolkit versions 2023.12 and earlier contain an out-of-bounds read vulnerability that could allow attackers to read sensitive memory contents. Thi...
Apr 8, 2025Why Monitor Adobe Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 1,274+ known vulnerabilities affecting Adobe products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Adobe packages in under 60 seconds. No agents required - completely agentless scanning that works across Adobe deployments.
Free vulnerability database: Access detailed information about every Adobe CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Adobe CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
