Adobe Issues Security Bulletins for Acrobat and Photoshop
Adobe published security bulletins for Acrobat and Photoshop, identifying vulnerabilities in two widely deployed creative and document-processing products. The advisories, tracked as APSB26-43 for Acrobat and APSB26-40 for Photoshop, were released through Adobe's product security bulletin channel and signal that security updates are available for affected software.
The coordinated disclosures indicate ongoing remediation across Adobe's desktop application portfolio, with organizations using Acrobat for PDF workflows and Photoshop for image editing advised to review the relevant bulletins and apply vendor-provided patches. Because both products are common in enterprise environments, defenders should prioritize update validation and deployment to reduce exposure from unpatched client-side software.
Timeline
Apr 14, 2026
Adobe publishes FrameMaker security bulletin APSB26-36
Adobe released security bulletin APSB26-36 for FrameMaker. The reference provides no additional synopsis or technical details beyond the bulletin publication.
Apr 14, 2026
Adobe publishes AEM Screens security bulletin APSB26-34
Adobe released security bulletin APSB26-34 for AEM Screens. The reference provides no additional synopsis or technical details beyond the bulletin publication.
Apr 14, 2026
Adobe publishes Photoshop security bulletin APSB26-40
Adobe released security bulletin APSB26-40 for Photoshop. The reference provides no additional synopsis or technical details beyond the bulletin publication.
Apr 11, 2026
Adobe publishes Acrobat security bulletin APSB26-43
Adobe released security bulletin APSB26-43 for Acrobat. The reference provides no additional synopsis or technical details beyond the bulletin publication.
See the full picture in Mallory
Mallory subscribers get deeper analysis on every story, including:
Who’s affected and how
Deep-dive technical analysis
Actionable next steps for your team
IPs, domains, hashes, and more
Ask questions and take action on every story
Filter by topic, classification, timeframe
Get matching stories delivered automatically
Sources
1 more from sources like adobe product advisories
Related Stories
Adobe Issues Security Bulletins for Bridge and Illustrator
Adobe published security bulletins for **Adobe Bridge** (`APSB26-39`) and **Adobe Illustrator** (`APSB26-42`), disclosing product-specific security updates for the two creative applications. The advisories were released through Adobe's product security bulletin channel and indicate that both products received fixes intended to address security issues. The notices provide separate tracking identifiers for each application, signaling distinct remediation guidance for Bridge and Illustrator users and administrators. Organizations using either product should review the relevant Adobe bulletin, identify affected versions, and prioritize deployment of the vendor-provided updates across managed endpoints.
2 weeks ago
Adobe March 2026 Security Updates Across Multiple Products
Adobe published its March 2026 security advisories covering **multiple vulnerabilities** across a broad set of products, with impacts including **remote code execution (RCE)**, **elevation of privilege**, **cross-site scripting (XSS)**, **information disclosure**, **denial of service**, and **security restriction bypass**. Products called out include **Adobe Commerce** (including *Adobe Commerce B2B* and *Magento Open Source*), **Illustrator**, **Acrobat/Reader**, **Premiere Pro**, **Experience Manager (AEM)**, **Substance 3D Painter**, **Substance 3D Stager**, and the **Adobe DNG SDK**. The Hong Kong CERT bulletin characterized the overall risk level of the March release as **Medium**, listing eight medium-risk product advisories (e.g., `APSB26-05`, `APSB26-18`, `APSB26-24`, `APSB26-26`). Canada’s Cyber Centre alert (**AV26-215**) echoed the same advisory set and provided affected version ranges (e.g., *Illustrator 2025* prior to 29.8.4/30.1, *Acrobat/Reader DC* prior to 25.001.21265, *Premiere Pro* prior to 25.5, *AEM* Cloud Service and 6.5 LTS/6.5 SP23 and prior, and *DNG SDK* prior to 1.7.1 build 2471), urging organizations to review Adobe’s advisories and apply the required updates.
1 months ago
Adobe Patches Critical RCE Flaws in FrameMaker Publishing, Commerce, and Magento
Adobe released security updates for multiple critical vulnerabilities affecting **Adobe FrameMaker Publishing Server**, **Adobe Commerce**, **Magento Open Source**, and the **Adobe Commerce Webhooks** extension. The most serious issues include `CVE-2024-30299` and `CVE-2024-30300` in FrameMaker Publishing Server and `CVE-2024-34102` in Adobe Commerce and Magento, with severity reaching **CVSS 10.0**. Successful exploitation could allow **arbitrary code execution**, **security feature bypass**, and **privilege escalation**. Adobe also issued critical fixes for **Adobe Experience Manager**, **Creative Cloud Desktop**, **Photoshop**, and **Substance 3D Stager** to address vulnerabilities that could enable code execution, unauthorized system access, and exposure of sensitive data. National cybersecurity authorities highlighted the breadth and severity of the flaws and urged organizations using affected Adobe products to apply vendor patches immediately in line with Adobe guidance.
6 days ago