Adobe Patch Tuesday headlined by a major Adobe ColdFusion update patching a wide swatch of code execution and privilege escalation attacks.
May 13, 2025 By Ryan Naraine
Software maker Adobe has released patches for at least 39 vulnerabilities across a range of products alongside warnings about remote code execution exploit risks.
The Patch Tuesday rollout is headlined by a major Adobe ColdFusion update that addresses a wide swatch of code execution and privilege escalation attacks.
The Adobe ColdFusion bulletin documents 7 distinct vulnerabilities marked as “critical” and Adobe warned that these “could lead to arbitrary file system read, arbitrary code execution and privilege escalation. The critical bugs carry a CVSS severity score of 9.1/10.
The widely deployed Adobe Photoshop software was also updated to fix three critical-severity bugs with code execution risks and the company also flagged a critical bug in Adobe Illustrator that should be patched with urgency.
