Skip to content
  • Blog Home
  • Cyber Map
  • About Us – Contact
  • Disclaimer
  • Terms and Rules
  • Privacy Policy
Cyber Web Spider Blog – News

Cyber Web Spider Blog – News

Globe Threat Map provides a real-time, interactive 3D visualization of global cyber threats. Monitor DDoS attacks, malware, and hacking attempts with geo-located arcs on a rotating globe. Stay informed with live logs and archive stats.

  • Home
  • Cyber Map
  • Cyber Security News
  • Security Week News
  • The Hacker News
  • How To?
  • Toggle search form

Adobe Patches Critical Code Execution Bugs

Posted on July 8, 2025July 8, 2025 By CWS

Adobe on Tuesday introduced the rollout of safety fixes for 58 vulnerabilities throughout 13 merchandise, together with three critical-severity flaws in Adobe Join, ColdFusion, and Expertise Supervisor Kinds (AEM Kinds) on JEE.

Probably the most extreme of those bugs is CVE-2025-49533 (CVSS rating of 9.8), a deserialization of untrusted knowledge in AEM Kinds on JEE that might result in arbitrary code execution.

Though it says it’s not conscious of any exploits within the wild focusing on the safety defect, Adobe marked the patch as precedence 1, urging customers to replace to AEM Kinds on JEE model 6.5.0.0.20250527.0.

Additionally marked precedence 1, the ColdFusion fixes resolve a complete of 13 safety defects, together with CVE-2025-49535 (CVSS rating of 9.3), an improper restriction of XML exterior entity reference (XXE) bug that might permit attackers to execute arbitrary code on weak methods.

Adobe’s advisory marks 4 different flaws as important, even when they’re categorized as high-severity, based mostly on their CVSS rating. Profitable exploitation of those points might result in privilege escalation, safety function bypass, and arbitrary file system learn, Adobe says.

Tracked as CVE-2025-27203 (CVSS rating of 9.3), the critical-severity vulnerability resolved in Adobe Join is described as a deserialization of untrusted knowledge difficulty that might result in arbitrary code execution.

On Tuesday, Adobe additionally warned of important code execution defects in Dimension, FrameMaker, Illustrator, InDesign, InCopy, and Substance 3D Viewer. All these points have a CVSS rating of seven.8.

Patches have been additionally launched for medium-severity flaws in After Results, Audition, Dimension, Expertise Supervisor Screens, FrameMaker, Illustrator, Substance 3D Stager, and Substance 3D Viewer.Commercial. Scroll to proceed studying.

Adobe says it’s not conscious of public exploits for any of those vulnerabilities, however customers are suggested to replace their purposes as quickly as attainable, as hackers are identified to have focused Adobe vulnerabilities in assaults.

Associated: Code Execution Flaws Hang-out Adobe Acrobat Reader, Adobe Commerce

Associated: Adobe Patches Huge Batch of Essential-Severity Software program Flaws

Associated:Adobe Calls Pressing Consideration to Essential ColdFusion Flaws

Security Week News Tags:Adobe, Bugs, Code, Critical, Execution, Patches

Post navigation

Previous Post: Microsoft Patches 130 Vulnerabilities for July 2025 Patch Tuesday
Next Post: How to Implement Role-Based Access Control (RBAC)

Related Posts

DragonForce Ransomware Hackers Exploiting SimpleHelp Vulnerabilities Security Week News
Fortinet, Ivanti Patch High-Severity Vulnerabilities Security Week News
US Offering $10 Million Reward for RedLine Malware Developer Security Week News
Canadian Electric Utility Lists Customer Information Stolen by Hackers Security Week News
Cryptojackers Caught Mining Monero via Exposed DevOps Infrastructure Security Week News
New AI Jailbreak Bypasses Guardrails With Ease Security Week News

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Recent Posts

  • How to Manage Security Patches in Organizations
  • Gold Melody IAB Exploits Exposed ASP.NET Machine Keys for Unauthorized Access to Targets
  • Top 5 Remote-Access And RMM Tools Most Abused By Threat Actors 
  • Reflectiz Now Available on the Datadog Marketplace
  • Microsoft Patches Wormable RCE Vulnerability in Windows and Windows Server

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Archives

  • July 2025
  • June 2025
  • May 2025

Recent Posts

  • How to Manage Security Patches in Organizations
  • Gold Melody IAB Exploits Exposed ASP.NET Machine Keys for Unauthorized Access to Targets
  • Top 5 Remote-Access And RMM Tools Most Abused By Threat Actors 
  • Reflectiz Now Available on the Datadog Marketplace
  • Microsoft Patches Wormable RCE Vulnerability in Windows and Windows Server

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News