Summary
Adobe's June 2026 security updates patch vulnerabilities across 11 product families, most enabling arbitrary code execution, with the most critical being two CVSS 10.0 authorization flaws in Campaign Classic and several high-severity ColdFusion bugs.
Take Action:
If you use any Adobe products, prioritize updating Adobe Campaign Classic and Adobe ColdFusion immediately, as they contain the most severe vulnerabilities (CVSS scores up to 10.0 and 9.6) that could lead to arbitrary code execution, privilege escalation, arbitrary file system read, and security feature bypass. Then update Adobe Acrobat and Reader and Adobe Experience Manager Forms, which carry critical code execution flaws. Then update the rest of your Adobe software. If you can't update right away, avoid opening untrusted files in affected applications, and restrict network access to ColdFusion and Campaign Classic servers until patches are applied.
Read the full article on BeyondMachines
This article was originally published on BeyondMachines
Top comments (0)