2026年5月13日星期三

Adobe Monthly Security Update (May 2026)

Adobe Monthly Security Update (May 2026)

Release Date: 13 May 2026

RISK: Medium Risk

TYPE: Clients - Productivity Products

Adobe has released monthly security update for their products:

Vulnerable Product	Risk Level	Impacts	Notes	Details (including CVE)
Adobe Premiere Pro	Medium Risk	Remote Code Execution		APSB26-46
Adobe Media Encoder	Medium Risk	Remote Code Execution		APSB26-47
Adobe After Effects	Medium Risk	Remote Code Execution		APSB26-48
Adobe Commerce	Medium Risk	Security Restriction Bypass Denial of Service Cross-site Scripting Remote Code Execution Data Manipulation		APSB26-49
Adobe Connect	Medium Risk	Remote Code Execution Elevation of Privilege		APSB26-50
Adobe Illustrator	Medium Risk	Information Disclosure Remote Code Execution Denial of Service		APSB26-51
Substance 3D Designer	Medium Risk	Information Disclosure Remote Code Execution		APSB26-52
Content Authenticity SDK	Medium Risk	Denial of Service		APSB26-53
Substance 3D Sampler	Medium Risk	Remote Code Execution		APSB26-54
Substance 3D Painter	Medium Risk	Remote Code Execution		APSB26-55

Number of 'Extremely High Risk' product(s): 0

Number of 'High Risk' product(s): 0

Number of 'Medium Risk' product(s): 10

Number of 'Low Risk' product(s): 0

Evaluation of overall 'Risk Level': Medium Risk

Impact

Remote Code Execution
Security Restriction Bypass
Denial of Service
Cross-Site Scripting
Data Manipulation
Elevation of Privilege
Information Disclosure

System / Technologies affected

Adobe Premiere 26.0.2 and earlier versions
Adobe Premiere Pro 25.6.4 and earlier versions
Adobe Media Encoder 25.6.4 and earlier versions
Adobe Media Encoder 26.0.2 and earlier versions
Adobe After Effects 25.6.4 and earlier versions
Adobe After Effects 26.0 and earlier versions
Adobe Commerce 2.4.9-beta1
Adobe Commerce 2.4.8-p4 and earlier versions
Adobe Commerce 2.4.7-p9 and earlier versions
Adobe Commerce 2.4.6-p14 and earlier versions
Adobe Commerce 2.4.5-p16 and earlier versions
Adobe Commerce 2.4.4-p17 and earlier versions
Adobe Commerce B2B 1.5.3-beta1
Adobe Commerce B2B 1.5.2-p4 and earlier versions
Adobe Commerce B2B 1.4.2-p9 and earlier versions
Adobe Commerce B2B 1.3.4-p16 and earlier versions
Adobe Commerce B2B 1.3.3-p17 and earlier versions
Magento Open Source 2.4.9-beta1
Magento Open Source 2.4.8-p4 and earlier versions
Magento Open Source 2.4.7-p9 and earlier versions
Magento Open Source 2.4.6-p14 and earlier versions
Adobe Connect Desktop Application 2025.9.15 (Windows) 2025.8.157 (macOS)
Illustrator 2025 29.8.6 and earlier versions
Illustrator 2026 30.3 and earlier versions
Adobe Substance 3D Designer 15.1.0 and earlier versions
Content Authenticity JS SDK @contentauth/c2pa-web@0.7.0
Content Authenticity Rust SDK c2pa-v0.78.2
Adobe Substance 3D Sampler 5.1.3 and earlier versions
Adobe Substance 3D Painter 12.0.2 and earlier versions

Solutions

Before installation of the software, please visit the vendor web-site for more details.

Apply fixes issued by the vendor. Please refer to 'Details' column in the above table for details of individual product update or run software update.

Vulnerability Identifier

https://www.cvedetails.com/vulnerability-list.php?vendor_id=53&year=2026&month=05

Source

Adobe

Related Link

https://helpx.adobe.com/security.html/security/security-bulletin.html

沒有留言:

發佈留言

訂閱：發佈留言 (Atom)