Adobe — Vulnerabilities & Security Advisories 4289

Browse all 4289 CVE security advisories affecting Adobe. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Adobe Systems Incorporated primarily develops multimedia and creativity software, most notably the PDF format and the Creative Cloud suite. With a vast attack surface encompassing 4,289 recorded CVEs, the company has historically faced significant security challenges. Common vulnerability classes include remote code execution (RCE), cross-site scripting (XSS), and privilege escalation flaws, often stemming from complex legacy codebases and third-party integrations. Notable incidents include critical RCE vulnerabilities in Acrobat Reader and Flash Player, which were frequently exploited by state-sponsored actors and criminal syndicates. The discontinuation of Flash Player marked a pivotal shift, yet the persistence of high-severity bugs in PDF parsing and document processing engines continues to pose risks. Adobe’s extensive market share makes it a high-value target, necessitating rigorous patch management and secure coding practices to mitigate the ongoing threat landscape associated with its widely deployed enterprise and consumer applications.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-47016	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2025-06-10
CVE-2025-46878	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2025-06-10
CVE-2025-46978	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2025-06-10
CVE-2025-47073	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2025-06-10
CVE-2025-47041	Adobe Experience Manager \| Cross-site Scripting (DOM-based XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2025-06-10
CVE-2025-46838	Adobe Experience Manager \| Cross-site Scripting (DOM-based XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2025-06-10
CVE-2025-46949	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2025-06-10
CVE-2025-46942	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2025-06-10
CVE-2025-46989	Adobe Experience Manager \| Cross-site Scripting (DOM-based XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2025-06-10
CVE-2025-46981	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2025-06-10
CVE-2025-46905	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2025-06-10
CVE-2025-47050	Adobe Experience Manager \| Cross-site Scripting (DOM-based XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2025-06-10
CVE-2025-46918	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2025-06-10
CVE-2025-46976	Adobe Experience Manager \| Cross-site Scripting (DOM-based XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2025-06-10
CVE-2025-47085	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2025-06-10
CVE-2025-47115	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2025-06-10
CVE-2025-47092	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2025-06-10
CVE-2025-47096	Adobe Experience Manager \| Improper Input Validation (CWE-20) — Adobe Experience ManagerCWE-20	3.5	Low	2025-06-10
CVE-2025-47057	Adobe Experience Manager \| Cross-site Scripting (DOM-based XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2025-06-10
CVE-2025-46910	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2025-06-10
CVE-2025-46903	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2025-06-10
CVE-2025-46979	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2025-06-10
CVE-2025-46845	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2025-06-10
CVE-2025-46999	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2025-06-10
CVE-2025-47040	Adobe Experience Manager \| Cross-site Scripting (DOM-based XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2025-06-10
CVE-2025-47114	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2025-06-10
CVE-2025-47074	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2025-06-10
CVE-2025-47017	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2025-06-10
CVE-2025-47034	Adobe Experience Manager \| Cross-site Scripting (DOM-based XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2025-06-10
CVE-2025-47006	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2025-06-10

This page lists every published CVE security advisory associated with Adobe. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

Adobe — Vulnerabilities & Security Advisories 4289