Adobe released security updates fixing 123 vulnerabilities across 11 products, affecting organizations and users running Experience Manager, ColdFusion, Acrobat Reader and other Adobe software. The biggest group is 57 flaws in Adobe Experience Manager, while ColdFusion and Campaign Classic include the highest-priority issues, with two Campaign Classic remote-code-execution bugs rated CVSS 10. Adobe said it has no evidence of in-the-wild exploitation and did not list CVE IDs in this report, but marked the ColdFusion and Campaign Classic issues as priority 1, meaning exploitation is more likely.
Why it matters: Organizations using Adobe server products should review and apply these updates promptly, especially for ColdFusion and Campaign Classic, because remote-code-execution bugs can let attackers take over systems. End users should update Acrobat and Reader through normal patch channels.
Eduard Kovacs
2026.06.09
100% relevant
This article establishes a distinct June 2026 Adobe patch cycle story covering a large set of vulnerabilities across multiple Adobe products, with especially important fixes in ColdFusion and Campaign Classic.
← Back to all stories