Adobe has released patches for nearly twenty vulnerabilities across nine major products, addressing critical flaws in ColdFusion and Commerce that pose significant exploitation risks. Although no active exploitation has been reported, these vulnerabilities are highly prioritized for immediate remediation to prevent potential attacks. #ColdFusion #CVE202554261 #Commerce #Magento #AdobeUpdate
Keypoints
- Adobe patched nearly twenty security flaws in nine products during September 2025 Patch Tuesday.
- The ColdFusion vulnerability CVE-2025-54261 is a critical path traversal flaw impacting multiple versions.
- There is a history of threat actors exploiting ColdFusion vulnerabilities like CVE-2024-20767 in active campaigns.
- Vulnerabilities in Commerce and Magento can allow security feature bypasses and are often targeted in attacks.
- Other Adobe products affected include Acrobat, Premiere Pro, and Substance 3D, with fixes for high and medium severity issues.
Read More: https://www.securityweek.com/adobe-patches-critical-coldfusion-and-commerce-vulnerabilities/