Adobe Monthly Security Update (June 2026)

Release Date: 10 Jun 2026

RISK: Medium Risk

TYPE: Clients - Productivity Products

Adobe has released monthly security update for their products:

 

Vulnerable Product	Risk Level	Impacts	Notes	Details (including CVE)
Adobe Experience Manager	Medium Risk	Cross-site Scripting Remote Code Execution Security Restriction Bypass		APSB26-56
Adobe Experience Manager Forms	Medium Risk	Cross-site Scripting Remote Code Execution		APSB26-57
Adobe InDesign	Medium Risk	Remote Code Execution Denial of Service Information Disclosure		APSB26-58
Adobe InCopy	Medium Risk	Remote Code Execution		APSB26-59
Substance 3D Sampler	Medium Risk	Remote Code Execution		APSB26-60
Content Credentials SDK	Medium Risk	Denial of Service Data Manipulation		APSB26-61
Adobe Dreamweaver	Medium Risk	Remote Code Execution Information Disclosure		APSB26-62
Adobe Acrobat Reader	Medium Risk	Remote Code Execution Denial of Service		APSB26-63
Adobe ColdFusion	Medium Risk	Remote Code Execution Security Restriction Bypass Elevation of Privilege Information Disclosure Cross-site Scripting		APSB26-64
Adobe Format Plugins	Medium Risk	Remote Code Execution		APSB26-65
Adobe Campaign Classic	Medium Risk	Remote Code Execution		APSB26-66

 

Number of 'Extremely High Risk' product(s): 0

Number of 'High Risk' product(s): 0

Number of 'Medium Risk' product(s): 11

Number of 'Low Risk' product(s): 0

Evaluation of overall 'Risk Level': Medium Risk

---

Impact

• Remote Code Execution
• Security Restriction Bypass
• Denial of Service
• Cross-Site Scripting
• Data Manipulation
• Elevation of Privilege
• Information Disclosure

---

System / Technologies affected

• Adobe Experience Manager (AEM) AEM Cloud Service (CS)
• Adobe Experience Manager (AEM) 6.5 LTS SP1 and earlier versions
• Adobe Experience Manager (AEM) SP24 and earlier versions
• Adobe Experience Manager 6.5 LTS SP1 and earlier versions
• Adobe Experience Manager 6.5 6.5.24.0 and earlier versions
• Adobe InDesign ID21.3 and earlier versions
• Adobe InDesign ID20.5.3 and earlier versions
• Adobe InCopy  21.3 and earlier versions
• Adobe InCopy  20.5.3 and earlier versions
• Adobe Substance 3D Sampler 6.0.0 and earlier versions
• Content Credentials JS SDK @contentauth/c2pa-web@0.7.1 and earlier versions
• Content Credentials Rust SDK c2pa-v0.80.1 and earlier versions
• Adobe Dreamweaver  21.7 and earlier versions
• Adobe Acrobat 26.001.21651 and earlier versions
• Acrobat Reader 26.001.21651 and earlier versions
• Acrobat 2024 24.001.30365 and earlier versions
• ColdFusion 2025 Update 8 and earlier versions
• ColdFusion 2023 Update 19 and earlier versions
• Adobe Format Plugins 1.1.2 and earlier versions
• Adobe Campaign Classic ACC v7: 7.4.3 build 9394 and earlier versions

---

Solutions

Before installation of the software, please visit the vendor web-site for more details.

• Apply fixes issued by the vendor. Please refer to 'Details' column in the above table for details of individual product update or run software update.

---

Vulnerability Identifier

• https://www.cvedetails.com/vulnerability-list.php?vendor_id=53&year=2026&month=06

---

Source

• Adobe

---

Related Link

• https://helpx.adobe.com/security.html/security/security-bulletin.html