Adobe Releases Urgent Security Updates for 52 Vulnerabilities

Adobe Releases Urgent Security Updates for 52 Vulnerabilities

Posted on By CWS

Adobe has announced a comprehensive security update addressing 52 vulnerabilities across 10 of its products. This significant effort includes patches for critical vulnerabilities that pose risks such as remote code execution and privilege escalation.

Critical Vulnerabilities Highlighted

The majority of the vulnerabilities patched could potentially be exploited for arbitrary code execution, with application denial-of-service (DoS) being the second most frequent issue resolved. The Adobe Connect update is particularly noteworthy, as it tackles two high-impact vulnerabilities that could lead to critical security breaches. These include CVE-2026-34659, with a CVSS score of 9.6, and CVE-2026-34660, scoring 9.3, both of which are capable of compromising system integrity.

Extensive Updates for Adobe Products

Among the updated products, Adobe Commerce received the most comprehensive patching effort, addressing a range of security defects. Following closely, the Content Authenticity SDK received updates for 14 vulnerabilities. The Commerce patch resolved issues that could bypass security measures, cause DoS conditions, and execute arbitrary code.

In the Content Authenticity SDK, Adobe addressed one high-severity and 13 medium-severity vulnerabilities, all of which could potentially lead to application DoS.

High-Severity Issues Across Multiple Applications

Additional high-severity code execution vulnerabilities were addressed in several other Adobe applications. These include four vulnerabilities in After Effects, three in Premiere Pro, two each in Media Encoder and Substance 3D Painter, and one in Substance 3D Sampler. The Illustrator update resolved two high-severity code execution issues and two medium-severity flaws that could result in DoS and memory exposure.

For Substance 3D Designer, five medium-severity flaws were patched, with four capable of enabling code execution and one allowing arbitrary file system access.

Adobe has prioritized the Commerce update with a rating of 2, reflecting previous targeting in attacks. All other updates have been assigned a priority rating of 3. Importantly, Adobe has stated there are currently no known instances of these vulnerabilities being exploited in the wild.

For more detailed information, Adobe encourages users to visit their Product Security Incident Response Team (PSIRT) page.

Security Week News Tags:, , , , , , , , , , , , , ,

Related Posts

ICS Patch Tuesday: Major Vendors Address Code Execution Vulnerabilities ICS Patch Tuesday: Major Vendors Address Code Execution Vulnerabilities Security Week News
SonicWall Warns of Trojanized NetExtender Stealing User Information SonicWall Warns of Trojanized NetExtender Stealing User Information Security Week News
Gene Sequencing Giant Illumina Settles for .8M Over Product Vulnerabilities Gene Sequencing Giant Illumina Settles for $9.8M Over Product Vulnerabilities Security Week News
Interpol Targets Infostealers: 20,000 IPs Taken Down, 32 Arrested, 216,000 Victims Notified Interpol Targets Infostealers: 20,000 IPs Taken Down, 32 Arrested, 216,000 Victims Notified Security Week News
Dell Says Data Leaked by Hackers Is Fake Dell Says Data Leaked by Hackers Is Fake Security Week News
DraftKings Hacker Receives Prison Sentence for Cyber Attack DraftKings Hacker Receives Prison Sentence for Cyber Attack Security Week News