- What: Adobe released a security update for Adobe Commerce
- Impact: Affected versions are vulnerable to multiple security issues including remote code execution and cross-site scripting
Adobe has released monthly security update for their products: Vulnerable Product Risk Level Impacts Notes Details (including CVE) Adobe Commerce Medium Risk Cross-site Scripting Elevation of Privilege Security Restriction Bypass Remote Code Execution Information Disclosure... Impact Remote Code Execution Denial of Service Information Disclosure Cross-Site Scripting Elevation of Privilege Security Restriction Bypass System / Technologies affected Adobe Commerce 2.4.9-alpha3 and earlier versions Adobe Commerce 2.4.8‑p3 and earlier versions Adobe Commerce 2.4.7-p8 and earlier versions Adobe Commerce 2.4.6-p13 and earlier versions Adobe Commerce 2.4.5-p15 and earlier versions Adobe Commerce 2.4.4-p16 and earlier versions Adobe Commerce B2B 1.5.3-alpha3 and earlier versions Adobe Commerce B2B 1.5.2‑p3 and earlier versions Adobe Commerce B2B 1.4.2-p8 and earlier versions Adobe Commerce B2B 1.3.5-p13 and earlier versions Adobe Commerce B2B 1.3.4-p15 and earlier versions Adobe Commerce B2B 1.3.3-p16 and earlier versions Magento Open Source 2.4.9-alpha3 Magento Open Source 2.4.8-p3 and earlier versions Magento Open Source 2.4.7-p8 and earlier versions Magento Open Source 2.4.6-p13 and earlier versions Magento Open Source 2.4.5-p15 and earlier versions Illustrator 2025 29.8.4 and earlier versions Illustrator 2026 30.1 and earlier versions Adobe Substance 3D Painter 11.1.2 and earlier versions Acrobat DC 25.001.21265 and earlier versions Acrobat Reader DC 25.001.21265 and earlier versions Acrobat 2024 Win - 24.001.30307 and earlier versions Acrobat 2024 Mac - 24.001.30308 and earlier versions Adobe Premiere Pro 25.5 and earlier versions Adobe Experience Manager (AEM) AEM Cloud Service (CS) Adobe Experience Manager (AEM) 6.5 LTS SP1 and earlier versions Adobe Experience Manager (AEM) 6.5.SP23 and earlier versions Adobe Substance 3D Stager 3.1.7 and earlier versions Adobe DNG Software Development Kit (SDK) DNG SDK 1.7.1 build 2471 and earlier versions Solutions Before installation of the software, please visit the vendor web-site for more details. Apply fixes issued by the vendor. Please refer to 'Details' column in the above table for details of individual product update or run software update.