Security news aggregator

Latest coverage for Adobe

Adobe develops creative, document, and commerce software, making its vulnerabilities and security advisories relevant to users and connected systems.

131 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Adobe software encompasses applications that create, view, and edit complex file formats such as PDFs, images, and multimedia. These files often contain embedded scripts, interactive elements, or executable code, which can introduce vulnerabilities when processed by Adobe products. Attackers exploit flaws in file parsing or script execution to trigger memory corruption or remote code execution, potentially compromising systems that open maliciously crafted files.

Security risks focus on timely patching of vulnerabilities in Adobe readers, editors, and browser plugins to prevent exploitation. Organizations should restrict file access, especially from untrusted sources, and monitor for suspicious activity related to Adobe file handling. Maintaining updated software and applying vendor advisories promptly reduces exposure to targeted attacks leveraging Adobe’s complex file processing capabilities.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 131 Filtered view

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Adobe ColdFusion, Joomlack Page Builder, Langflow, and JoomShaper SP Page Builder flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added [1, 2] Adobe ColdFusion, Joomlack Page Builder, Langflow, and JoomShaper SP Page Builder flaws to its Known Exploited Vulnerabilities (KEV) catalog. […]

Attackers are exploiting the critical Adobe ColdFusion flaw CVE-2026-48282, which allows remote code execution on unpatched servers. Attackers have started exploiting CVE-2026-48282, a maximum-severity vulnerability in Adobe ColdFusion. The flaw is a path traversal issue that could result in arbitrary code execution without authentication. It affects ColdFusion 2025.9, 2023.20, and earlier versions, allowing remote attackers […]

Krebs on Security 3 months ago

Patch Tuesday, April 2026 Edition

Microsoft today pushed software updates to fix a staggering 167 security vulnerabilities in its Windows operating systems and related software, including a SharePoint Server zero-day and a publicly disclosed weakness in Windows Defender dubbed "BlueHammer." Separately, Google Chrome fixed its fourth zero-day of 2026, and an emergency update for Adobe Reader nixes an actively exploited flaw that can lead to remote code execution.

Loading more headlines...