Adobe — Vulnerabilities & Security Advisories 4289

Browse all 4289 CVE security advisories affecting Adobe. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Adobe Systems Incorporated primarily develops multimedia and creativity software, most notably the PDF format and the Creative Cloud suite. With a vast attack surface encompassing 4,289 recorded CVEs, the company has historically faced significant security challenges. Common vulnerability classes include remote code execution (RCE), cross-site scripting (XSS), and privilege escalation flaws, often stemming from complex legacy codebases and third-party integrations. Notable incidents include critical RCE vulnerabilities in Acrobat Reader and Flash Player, which were frequently exploited by state-sponsored actors and criminal syndicates. The discontinuation of Flash Player marked a pivotal shift, yet the persistence of high-severity bugs in PDF parsing and document processing engines continues to pose risks. Adobe’s extensive market share makes it a high-value target, necessitating rigorous patch management and secure coding practices to mitigate the ongoing threat landscape associated with its widely deployed enterprise and consumer applications.

CVE ID	Title	CVSS	Severity	Published
CVE-2026-34625	Adobe Experience Manager \| Cross-site Scripting (DOM-based XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2026-04-14
CVE-2026-34623	Adobe Experience Manager \| Cross-site Scripting (DOM-based XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2026-04-14
CVE-2026-34624	Adobe Experience Manager \| Cross-site Scripting (DOM-based XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2026-04-14
CVE-2026-27288	Adobe Experience Manager \| Cross-site Scripting (DOM-based XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2026-04-14
CVE-2026-27241	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2026-03-11
CVE-2026-27244	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2026-03-11
CVE-2026-27255	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2026-03-11
CVE-2026-27251	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2026-03-11
CVE-2026-27223	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2026-03-11
CVE-2026-27262	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2026-03-11
CVE-2026-27232	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2026-03-11
CVE-2026-27249	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2026-03-11
CVE-2026-27247	Adobe Experience Manager \| Cross-site Scripting (DOM-based XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2026-03-11
CVE-2026-27242	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2026-03-11
CVE-2026-27252	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2026-03-11
CVE-2026-27235	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2026-03-11
CVE-2026-27225	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2026-03-11
CVE-2026-27256	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2026-03-11
CVE-2026-27237	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2026-03-11
CVE-2026-27265	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2026-03-11
CVE-2026-27233	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2026-03-11
CVE-2026-27236	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2026-03-11
CVE-2026-27240	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2026-03-11
CVE-2026-27239	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2026-03-11
CVE-2026-27234	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2026-03-11
CVE-2026-27231	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2026-03-11
CVE-2026-27230	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2026-03-11
CVE-2026-27229	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2026-03-11
CVE-2026-27266	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2026-03-11
CVE-2026-27254	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience ManagerCWE-79	5.4	Medium	2026-03-11

This page lists every published CVE security advisory associated with Adobe. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

Adobe — Vulnerabilities & Security Advisories 4289