Adobe has published security advisories for the following products to address vulnerabilities in the following products on September 10, 2025. It is recommended that you take the necessary precautions by ensuring your products are always updated.
- Acrobat DC – version Win – 25.001.20672, Mac – 25.001.20668 and prior
- Acrobat Reader DC – version Win – 25.001.20672, Mac – 25.001.20668 and prior
- Acrobat 2024 – version Win & Mac – 24.001.30254 and prior
- Acrobat 2020 – version Win & Mac – 20.005.30774 and prior
- Acrobat Reader 2020 – version Win & Mac – 20.005.30774 and prior
- Adobe After Effects – version 24.6.7 and prior
- Adobe After Effects – version 25.3 and prior
- Adobe Premiere Pro – version 25.3 and prior
- Adobe Premiere Pro – version 24.6.5 and prior
- Adobe Commerce – multiple versions
- Adobe Commerce B2B – multiple versions
- Magento Open Source – multiple versions
- Adobe Substance 3D Viewer – version 0.25.1 and prior
- Adobe Experience Manager (AEM) – version AEM Cloud Service (CS)
- Adobe Experience Manager (AEM) version 6.5 LTS SP1 and prior
- Adobe Experience Manager (AEM) – version 6.5.23 and prior
- Adobe Dreamweaver – version 21.5 and prior
- Adobe Substance 3D Modeler – version 1.22.2 and prior
- ColdFusion 2025 – version Update 3 and prior
- ColdFusion 2023 – version Update 15 and prior
- ColdFusion 2021 – version Update 21 and prior
For more information on these updates, you can follow these URLs:
SessionReaper attacks have started, 3 in 5 stores still vulnerable
Security update available for Adobe Commerce | APSB25-88
Security updates available for Adobe ColdFusion | APSB25-93
Update 1
On October 22, 2025, open-source reporting highlighted that CVE-2025-54236 affecting Adobe Commerce is being actively exploited in the wild.
The Guyana National CIRT recommends that users and administrators review this update and apply it where necessary.
References