CVE Tools
Back to feed
SecurityWeek ·EN-US News source Patch releasedColdFusionCommerceExperience Manager

Adobe Patches Critical ColdFusion Vulnerabilities

By Ionut Arghire··2 min read
CVE Tools coverage

Adobe has issued security updates for 12 products to resolve 88 vulnerabilities, including several critical flaws in ColdFusion, Commerce, Experience Manager, and Illustrator. Among the 13 issues fixed in ColdFusion, eight are rated critical and could allow attackers to execute arbitrary code or escalate privileges. These include path traversal, code injection, and SQL injection vulnerabilities. Adobe recommends applying the latest updates immediately, particularly for ColdFusion 2025 update 11 and ColdFusion 2023 update 22. The company also addressed multiple high-severity issues in other software such as Commerce, Experience Manager, and Creative Cloud applications.