Adobe Monthly Security Update (May 2026)

Release Date: 13 May 2026 22248 Views

RISK: Medium Risk

Medium Risk

TYPE: Clients - Productivity Products

TYPE: Productivity Products

Adobe has released monthly security update for their products:

 

Vulnerable ProductRisk LevelImpactsNotesDetails (including CVE)
Adobe Premiere ProMedium Risk Medium RiskRemote Code Execution APSB26-46
Adobe Media EncoderMedium Risk Medium RiskRemote Code Execution APSB26-47
Adobe After EffectsMedium Risk Medium RiskRemote Code Execution APSB26-48
Adobe CommerceMedium Risk Medium RiskSecurity Restriction Bypass
Denial of Service
Cross-site Scripting
Remote Code Execution
Data Manipulation		 APSB26-49
Adobe ConnectMedium Risk Medium RiskRemote Code Execution
Elevation of Privilege		 APSB26-50
Adobe IllustratorMedium Risk Medium Risk

Information Disclosure

Remote Code Execution
Denial of Service

 APSB26-51
Substance 3D DesignerMedium Risk Medium RiskInformation Disclosure
Remote Code Execution		 APSB26-52
Content Authenticity SDKMedium Risk Medium RiskDenial of Service APSB26-53
Substance 3D SamplerMedium Risk Medium RiskRemote Code Execution APSB26-54
Substance 3D PainterMedium Risk Medium RiskRemote Code Execution APSB26-55

 

Number of 'Extremely High Risk' product(s): 0

Number of 'High Risk' product(s): 0

Number of 'Medium Risk' product(s): 10

Number of 'Low Risk' product(s): 0

Evaluation of overall 'Risk Level': Medium Risk

Impact

  • Remote Code Execution
  • Security Restriction Bypass
  • Denial of Service
  • Cross-Site Scripting
  • Data Manipulation
  • Elevation of Privilege
  • Information Disclosure

System / Technologies affected

  • Adobe Premiere 26.0.2 and earlier versions
  • Adobe Premiere Pro 25.6.4 and earlier versions
  • Adobe Media Encoder 25.6.4 and earlier versions
  • Adobe Media Encoder 26.0.2 and earlier versions
  • Adobe After Effects 25.6.4 and earlier versions
  • Adobe After Effects 26.0 and earlier versions
  • Adobe Commerce 2.4.9-beta1
  • Adobe Commerce 2.4.8-p4 and earlier versions
  • Adobe Commerce 2.4.7-p9 and earlier versions
  • Adobe Commerce 2.4.6-p14 and earlier versions
  • Adobe Commerce 2.4.5-p16 and earlier versions
  • Adobe Commerce 2.4.4-p17 and earlier versions
  • Adobe Commerce B2B 1.5.3-beta1
  • Adobe Commerce B2B 1.5.2-p4 and earlier versions
  • Adobe Commerce B2B 1.4.2-p9 and earlier versions
  • Adobe Commerce B2B 1.3.4-p16 and earlier versions
  • Adobe Commerce B2B 1.3.3-p17 and earlier versions
  • Magento Open Source 2.4.9-beta1
  • Magento Open Source 2.4.8-p4 and earlier versions
  • Magento Open Source 2.4.7-p9 and earlier versions
  • Magento Open Source 2.4.6-p14 and earlier versions
  • Adobe Connect Desktop Application 2025.9.15 (Windows) 2025.8.157 (macOS)
  • Illustrator 2025 29.8.6 and earlier versions
  • Illustrator 2026 30.3 and earlier versions
  • Adobe Substance 3D Designer 15.1.0 and earlier versions
  • Content Authenticity JS SDK @contentauth/[email protected]
  • Content Authenticity Rust SDK c2pa-v0.78.2
  • Adobe Substance 3D Sampler 5.1.3 and earlier versions
  • Adobe Substance 3D Painter 12.0.2 and earlier versions

Solutions

Before installation of the software, please visit the vendor web-site for more details.

  • Apply fixes issued by the vendor. Please refer to 'Details' column in the above table for details of individual product update or run software update.

Vulnerability Identifier

Source

Related Link

Related Tags

AdobeRemote Code ExecutionSecurity Restriction BypassDenial of ServiceCross Site ScriptingData ManipulationElevation of PrivilegeInformation Disclosure

Share with

Previous

Fortinet Products Multiple Vulnerabilities

13 May 2026 20395 Views

Next

Linux Kernel Elevation of Privilege Vulnerability

4 May 2026 13214 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY