Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Adobe — Vulnerabilities & Security Advisories 4289

Browse all 4289 CVE security advisories affecting Adobe. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Adobe Systems Incorporated primarily develops multimedia and creativity software, most notably the PDF format and the Creative Cloud suite. With a vast attack surface encompassing 4,289 recorded CVEs, the company has historically faced significant security challenges. Common vulnerability classes include remote code execution (RCE), cross-site scripting (XSS), and privilege escalation flaws, often stemming from complex legacy codebases and third-party integrations. Notable incidents include critical RCE vulnerabilities in Acrobat Reader and Flash Player, which were frequently exploited by state-sponsored actors and criminal syndicates. The discontinuation of Flash Player marked a pivotal shift, yet the persistence of high-severity bugs in PDF parsing and document processing engines continues to pose risks. Adobe’s extensive market share makes it a high-value target, necessitating rigorous patch management and secure coding practices to mitigate the ongoing threat landscape associated with its widely deployed enterprise and consumer applications.

Found 117 results / 4289Clear Filters
Top products by Adobe: Adobe Experience Manager Adobe Acrobat and Reader Acrobat Reader Adobe Commerce Illustrator InDesign Desktop ColdFusion Dimension Bridge After Effects Animate Experience Manager Substance3D - Stager Magento Commerce Adobe Framemaker Substance3D - Painter InDesign InCopy Photoshop Media Encoder Substance3D - Modeler Adobe Photoshop CC Substance3D - Designer Adobe Connect Audition FrameMaker Magento Adobe Photoshop Photoshop Desktop Substance3D - Sampler
CVE IDTitleCVSSSeverityPublished
CVE-2026-34619 ColdFusion | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22) — ColdFusionCWE-22 7.7 High2026-04-14
CVE-2026-27308 ColdFusion | Uncontrolled Resource Consumption (CWE-400) — ColdFusionCWE-400 2.4 Low2026-04-14
CVE-2026-27282 ColdFusion | Improper Input Validation (CWE-20) — ColdFusionCWE-20 7.5 High2026-04-14
CVE-2026-27305 ColdFusion | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22) — ColdFusionCWE-22 8.6 High2026-04-14
CVE-2026-27304 ColdFusion | Improper Input Validation (CWE-20) — ColdFusionCWE-20 9.3 Critical2026-04-14
CVE-2026-27306 ColdFusion | Improper Input Validation (CWE-20) — ColdFusionCWE-20 8.4 High2026-04-14
CVE-2026-27307 ColdFusion | Uncontrolled Resource Consumption (CWE-400) — ColdFusionCWE-400 2.4 Low2026-04-14
CVE-2025-61808 ColdFusion | Unrestricted Upload of File with Dangerous Type (CWE-434) — ColdFusionCWE-434 9.1 Critical2025-12-09
CVE-2025-61813 ColdFusion | Improper Restriction of XML External Entity Reference ('XXE') (CWE-611) — ColdFusionCWE-611 8.2 High2025-12-09
CVE-2025-61812 ColdFusion | Improper Input Validation (CWE-20) — ColdFusionCWE-20 8.4 High2025-12-09
CVE-2025-64898 ColdFusion | Insufficiently Protected Credentials (CWE-522) — ColdFusionCWE-522 4.3 Medium2025-12-09
CVE-2025-61821 ColdFusion | Improper Restriction of XML External Entity Reference ('XXE') (CWE-611) — ColdFusionCWE-611 6.8 Medium2025-12-09
CVE-2025-61810 ColdFusion | Deserialization of Untrusted Data (CWE-502) — ColdFusionCWE-502 8.4 High2025-12-09
CVE-2025-61809 ColdFusion | Improper Input Validation (CWE-20) — ColdFusionCWE-20 9.1 Critical2025-12-09
CVE-2025-61822 ColdFusion | Improper Input Validation (CWE-20) — ColdFusionCWE-20 6.2 Medium2025-12-09
CVE-2025-64897 ColdFusion | Improper Access Control (CWE-284) — ColdFusionCWE-284 5.6 Medium2025-12-09
CVE-2025-61823 ColdFusion | Improper Restriction of XML External Entity Reference ('XXE') (CWE-611) — ColdFusionCWE-611 6.2 Medium2025-12-09
CVE-2025-61811 ColdFusion | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22) — ColdFusionCWE-22 9.1 Critical2025-12-09
CVE-2025-54261 ColdFusion | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22) — ColdFusionCWE-22 10.0 Critical2025-09-09
CVE-2025-54234 ColdFusion | Server-Side Request Forgery (SSRF) (CWE-918) — ColdFusionCWE-918 2.7 Low2025-08-18
CVE-2025-49542 ColdFusion | Cross-site Scripting (Reflected XSS) (CWE-79) — ColdFusionCWE-79 5.2 Medium2025-07-08
CVE-2025-49535 ColdFusion | Improper Restriction of XML External Entity Reference ('XXE') (CWE-611) — ColdFusionCWE-611 9.3 Critical2025-07-08
CVE-2025-49539 ColdFusion | Improper Restriction of XML External Entity Reference ('XXE') (CWE-611) — ColdFusionCWE-611 4.5 Medium2025-07-08
CVE-2025-49536 ColdFusion | Incorrect Authorization (CWE-863) — ColdFusionCWE-863 7.3 High2025-07-08
CVE-2025-49545 ColdFusion | Server-Side Request Forgery (SSRF) (CWE-918) — ColdFusionCWE-918 6.2 Medium2025-07-08
CVE-2025-49541 ColdFusion | Cross-site Scripting (Stored XSS) (CWE-79) — ColdFusionCWE-79 4.3 Medium2025-07-08
CVE-2025-49537 ColdFusion | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78) — ColdFusionCWE-78 7.9 High2025-07-08
CVE-2025-49551 ColdFusion | Use of Hard-coded Credentials (CWE-798) — ColdFusionCWE-798 8.8 High2025-07-08
CVE-2025-49546 ColdFusion | Improper Access Control (CWE-284) — ColdFusionCWE-284 2.4 Low2025-07-08
CVE-2025-49544 ColdFusion | Improper Restriction of XML External Entity Reference ('XXE') (CWE-611) — ColdFusionCWE-611 6.8 Medium2025-07-08

This page lists every published CVE security advisory associated with Adobe. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.