Adobe News Articles

Adobe Patches Exploited Zero-Day That Lingered for Months

An attacker has been using maliciously crafted PDF files to exploit a zero-day in Adobe Acrobat and Reader for at least four months.

3 weeks ago

Adobe rolls out emergency fix for Acrobat, Reader zero-day flaw

Adobe has released an emergency security update for Acrobat Reader to fix a vulnerability, tracked as CVE-2026-34621, that has been exploited in zero-day attacks since at least December.

3 weeks ago

IT Security News

Adobe Patches Acrobat Reader 0-Day Vulnerability Exploited in the Wild - IT Security News

Adobe has issued an emergency security patch to neutralize a critical zero-day vulnerability in Acrobat Reader that is currently being exploited in the wild. Tracked as CVE-2026-34621, this severe flaw enables threat actors to achieve arbitrary code execution on compromised machines.…Read more →

3 weeks ago

IT Security News

Adobe issues emergency fix for Acrobat Reader flaw exploited in the wild (CVE-2026-34621) - IT Security News

Adobe has pushed out an emergency security update for Adobe Acrobat Reader, patching a zero-day vulnerability (CVE-2026-34621) exploited in the wild since November 2025. About CVE-2026-34621 CVE-2026-34621 is a critical prototype pollution vulnerability – a type of vulnerability that occurs…Read mor...

3 weeks ago

Help Net Security

Adobe issues emergency fix for Acrobat Reader flaw exploited in the wild (CVE-2026-34621) - Help Net Security

Adobe releases emergency security update for Adobe Acrobat Reader, patching a zero-day flaw (CVE-2026-34621) exploited in the wild.

3 weeks ago

Cyber Security News

Adobe Patches Acrobat Reader 0-Day Vulnerability Exploited in the Wild

Adobe patched Adobe Acrobat Reader for a critical zero-day enabling remote code execution, actively exploited in the wild.

3 weeks ago

Securityweek

Adobe Patches Reader Zero-Day Exploited for Months

Adobe released emergency patches for CVE-2026-34621, a critical Acrobat and Reader zero-day that has been exploited in the wild.

3 weeks ago

Neowin Net

Adobe brings Security Updates to tackle CVE-2026-34621 vulnerability

Adobe has brought in updates to fix a critical vulnerability that was allowing attackers to access users' system local files.

3 weeks ago

The Hacker News

Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621

Adobe patches CVE-2026-34621 after active exploitation since Dec 2025, preventing remote code execution via malicious PDFs.

3 weeks ago

CyberSecurityNews

Magento Input Validation Vulnerability Exploited In Wild To Hijack Session And Execute Malicious Codes

A critical vulnerability in Magento, the popular e-commerce platform, is now rebranded as Adobe Commerce. Dubbed SessionReaper and tracked as CVE-2025-54236, this improper input validation flaw allows attackers to hijack user sessions and, in some cases, execute malicious code remotely.

247news.com.pk

CVE-2025-54236 CVE-2025-59287

Hackers Can Hijack Accounts Without Logging In ‘SessionReaper’ Critical Flaw Hits Adobe Commerce and Magento - 247News

The National Computer Emergency Response Team (NCERT) has warned of a critical vulnerability—tracked as CVE-2025-54236 and dubbed SessionReaper in Adobe Commerce and Magento Open Source that allows attackers

Security Affairs

Security Affairs newsletter Round 547 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs in your email box

BornCity

CVE-2025-54236 CVE-2025-59287

Critical vulnerability CVE-2025-54236 in Adobe Commerce (Magento) | Born's Tech and Windows World

[German]A critical vulnerability, CVE-2025-54236, has been found in Adobe Commerce software (formerly Magento). Adobe Commerce allows unauthenticated attackers to upload files and, ultimately, even take over...

Security Affairs

U.S. CISA adds Microsoft WSUS, and Adobe Commerce and Magento Open Source flaws to its Known Exploited Vulnerabilities catalog

The U.S. CISA added Microsoft WSUS, and Adobe Commerce and Magento Open Source flaws to its Known Exploited Vulnerabilities (KEV) catalog.

Dark Reading

Fear the 'SessionReaper': Adobe Bug Under Attack

CVE-2025-54236 is a critical flaw in Adobe Commerce (formerly Magento) that allows attackers to remotely take over sessions on the e-commerce platform.

Cyber Press

Hackers Exploit Magento, Adobe Commerce RCE to Deploy Webshells

The flaw, tracked as CVE-2025-54236 and dubbed SessionReaper, enables remote code execution and customer account takeover on thousands of online stores.

Help Net Security

Critical Adobe Commerce, Magento vulnerability under attack (CVE-2025-54236) - Help Net Security

Attackers are trying to exploit CVE-2025-54236, a critical vulnerability affecting Adobe Commerce and Magento Open Source.

Security Affairs

Over 250 attacks hit Adobe Commerce and Magento via critical CVE-2025-54236 flaw

Hackers exploit CVE-2025-54236 in Adobe Commerce and Magento to hijack accounts via REST API. Over 250 attacks in 24 hours.

The Hacker News

Over 250 Magento Stores Hit Overnight as Hackers Exploit New Adobe Commerce Flaw

Sansec reports 250+ attacks exploiting Adobe Commerce flaw CVE-2025-54236; 62% of stores remain unpatched.

SecurityWeek

Exploitation of Critical Adobe Commerce Flaw Puts Many eCommerce Sites at Risk

Hackers have started exploiting CVE-2025-54236, a critical-severity vulnerability in Adobe Commerce and Magento Open Source.

Hackers exploiting critical "SessionReaper" flaw in Adobe Magento

Hackers are actively exploiting the critical SessionReaper vulnerability (CVE-2025-54236) in Adobe Commerce (formerly Magento) platforms, with hundreds of attempts recorded. The activity was spotted by...

Hackers exploiting critical "SessionReaper" flaw in Adobe Magento

Hackers are actively exploiting the critical SessionReaper vulnerability (CVE-2025-54236) in Adobe Commerce (formerly Magento) platforms, with hundreds of attempts recorded.