网安资讯详情 - SecLens 情报雷达

Security updates available for Adobe Experience Manager | APSB26-56

来源： adobe_security · 发布时间 2026-06-09 08:00 (UTC+08:00) · 抓取时间 2026-06-17 18:35 (UTC+08:00)

原文链接

摘要

Adobe has released updates for Adobe Experience Manager (AEM). This update resolves vulnerabilities rated important and moderate . Successful exploitation of these vulnerabilities could result in arbitrary code execution and security feature bypass.

正文

Adobe has released updates for Adobe Experience Manager (AEM). This update resolves vulnerabilities rated important and moderate . Successful exploitation of these vulnerabilities could result in arbitrary code execution and security feature bypass. Adobe is not aware of any exploits in the wild for any of the issues addressed in these updates. Adobe categorizes these updates with the following priority ratings and recommends users update their installation to the newest version: Customers running on Adobe Experience Manager’s Cloud Service will automatically receive updates that include new features as well as security and functionality bug fixes. Experience Manager Security Considerations: AEM as a Cloud Service Security Considerations Anonymous Permission Hardening Package Please contact Adobe customer care for assistance with AEM versions 6.4, 6.3 and 6.2. Affected products: - Adobe Experience Manager (AEM) | AEM Cloud Service (CS) | All Solutions: - Adobe Experience Manager (AEM) | AEM Cloud Service (CS) Release 2026.05 | All (Priority 3; Release Notes) - Adobe Experience Manager (AEM) | 6.5 LTS Service Pack 2 | All (Priority 3; Release Notes) - Adobe Experience Manager (AEM) | 6.5 Service Pack 25 | All (Priority 3; Release Notes) If a customer is using Apache httpd in a proxy with a non-default configuration, they may be impacted by CVE-2023-25690 - please read more here: https://httpd.apache.org/security/vulnerabilities_24.html Vulnerabilities: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Acknowledgment: Adobe would like to thank the following for reporting these issues and for working with Adobe to help protect our customers: Acknowledgment: green-jam: CVE-2026-47936, CVE-2026-47941, CVE-2026-47943, CVE-2026-47944, CVE-2026-47945, CVE-2026-47946, CVE-2026-47947, CVE-2026-47948, CVE-2026-47949, CVE-2026-47950, CVE-2026-47951, CVE-2026-47953, CVE-2026-47954, CVE-2026-47956, CVE-2026-47957, CVE-2026-47958, CVE-2026-47962, CVE-2026-47966, CVE-2026-47970, CVE-2026-47972, CVE-2026-47981, CVE-2026-47982, CVE-2026-47983, CVE-2026-47985, CVE-2026-47986, CVE-2026-47987, CVE-2026-47989, CVE-2026-47993, CVE-2026-34692, CVE-2026-48250, CVE-2026-48251, CVE-2026-48256, CVE-2026-48258, CVE-2026-48264, CVE-2026-48265, CVE-2026-48266, CVE-2026-48268, CVE-2026-48271, CVE-2026-48280, CVE-2026-48297 Acknowledgment: anonymous_blackzero : CVE-2026-47939, CVE-2026-47973, CVE-2026-47974, CVE-2026-47975, CVE-2026-47977, CVE-2026-47978, CVE-2026-47980, CVE-2026-48288, CVE-2026-48289, CVE-2026-48299, CVE-2026-48300, CVE-2026-48301, CVE-2026-48304 Acknowledgment: lpi: CVE-2026-47935, CVE-2026-47942 Acknowledgment: Marco Ventura, Claudia Bartolini and Massimiliano Brolli of TIM Security Red Team Research - TIM S.p.A : CVE-2026-47990 Acknowledgment: NOTE: Adobe has a public bug bounty program with HackerOne. If you are interested in working with Adobe as an external security researcher, please check out https://hackerone.com/adobe

标签

• contains:cve
• priority:3
• product:adobe-experience-manager-aem
• vendor:adobe

扩展字段

{
  "acknowledgments": [
    "Adobe would like to thank the following for reporting these issues and for working with Adobe to help protect our customers:",
    "green-jam: CVE-2026-47936, CVE-2026-47941, CVE-2026-47943, CVE-2026-47944, CVE-2026-47945, CVE-2026-47946, CVE-2026-47947, CVE-2026-47948, CVE-2026-47949, CVE-2026-47950, CVE-2026-47951, CVE-2026-47953, CVE-2026-47954, CVE-2026-47956, CVE-2026-47957, CVE-2026-47958, CVE-2026-47962, CVE-2026-47966, CVE-2026-47970, CVE-2026-47972, CVE-2026-47981, CVE-2026-47982, CVE-2026-47983, CVE-2026-47985, CVE-2026-47986, CVE-2026-47987, CVE-2026-47989, CVE-2026-47993, CVE-2026-34692, CVE-2026-48250, CVE-2026-48251, CVE-2026-48256, CVE-2026-48258, CVE-2026-48264, CVE-2026-48265, CVE-2026-48266, CVE-2026-48268, CVE-2026-48271, CVE-2026-48280, CVE-2026-48297",
    "anonymous_blackzero : CVE-2026-47939, CVE-2026-47973, CVE-2026-47974, CVE-2026-47975, CVE-2026-47977, CVE-2026-47978, CVE-2026-47980, CVE-2026-48288, CVE-2026-48289, CVE-2026-48299, CVE-2026-48300, CVE-2026-48301, CVE-2026-48304",
    "lpi: CVE-2026-47935, CVE-2026-47942",
    "Marco Ventura, Claudia Bartolini and Massimiliano Brolli of TIM Security Red Team Research - TIM S.p.A : CVE-2026-47990",
    "NOTE: Adobe has a public bug bounty program with HackerOne. If you are interested in working with Adobe as an external security researcher, please check out https://hackerone.com/adobe"
  ],
  "affected_products": [
    {
      "platform": "All",
      "product": "Adobe Experience Manager (AEM)",
      "version": "AEM Cloud Service (CS)"
    }
  ],
  "bulletin_id": "APSB26-56",
  "detail_url": "https://helpx.adobe.com/security/products/experience-manager/apsb26-56.html",
  "last_updated": "06/09/2026",
  "originally_posted": "06/09/2026",
  "priority": "3",
  "solution_paragraphs": [
    "Adobe categorizes these updates with the following priority ratings and recommends users update their installation to the newest version:",
    "Customers running on Adobe Experience Manager’s Cloud Service will automatically receive updates that include new features as well as security and functionality bug fixes.",
    "Experience Manager Security Considerations:",
    "AEM as a Cloud Service Security Considerations Anonymous Permission Hardening Package",
    "Please contact Adobe customer care for assistance with AEM versions 6.4, 6.3 and 6.2."
  ],
  "solutions": [
    {
      "availability": "Release Notes",
      "availability_url": "https://experienceleague.adobe.com/en/docs/experience-manager-cloud-service/content/release-notes/release-notes/release-notes-current",
      "platform": "All",
      "priority": "3",
      "product": "Adobe Experience Manager (AEM)",
      "version": "AEM Cloud Service (CS) Release 2026.05"
    },
    {
      "availability": "Release Notes",
      "availability_url": "https://experienceleague.adobe.com/en/docs/experience-manager-65-lts/content/release-notes/release-notes",
      "platform": "All",
      "priority": "3",
      "product": "Adobe Experience Manager (AEM)",
      "version": "6.5 LTS Service Pack 2"
    },
    {
      "availability": "Release Notes",
      "availability_url": "https://experienceleague.adobe.com/en/docs/experience-manager-65/content/release-notes/release-notes",
      "platform": "All",
      "priority": "3",
      "product": "Adobe Experience Manager (AEM)",
      "version": "6.5 Service Pack 25"
    }
  ],
  "summary_paragraphs": [
    "Adobe has released updates for Adobe Experience Manager (AEM). This update resolves vulnerabilities rated important and moderate . Successful exploitation of these vulnerabilities could result in arbitrary code execution and security feature bypass.",
    "Adobe is not aware of any exploits in the wild for any of the issues addressed in these updates."
  ],
  "vulnerabilities": [
    {},
    {},
    {},
    {},
    {},
    {},
    {},
    {},
    {},
    {},
    {},
    {},
    {},
    {},
    {},
    {},
    {},
    {},
    {},
    {},
    {},
    {},
    {},
    {},
    {},
    {},
    {},
    {},
    {},
    {},
    {},
    {},
    {},
    {},
    {},
    {},
    {},
    {},
    {},
    {},
    {},
    {},
    {},
    {},
    {},
    {},
    {},
    {},
    {},
    {},
    {},
    {},
    {},
    {},
    {},
    {},
    {}
  ],
  "vulnerability_paragraphs": [
    "If a customer is using Apache httpd in a proxy with a non-default configuration, they may be impacted by CVE-2023-25690 - please read more here: https://httpd.apache.org/security/vulnerabilities_24.html"
  ]
}