Experience Manager Forms

2 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-54254 HIGH This Month

Adobe Experience Manager versions 6.5.23 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could lead to arbitrary file system read. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XXE Adobe Experience Manager Forms
NVD
CVSS 3.1
8.6
EPSS
0.2%
CVE-2025-54253 CRITICAL POC KEV THREAT Emergency

Adobe Experience Manager versions 6.5.23 and earlier contain a misconfiguration vulnerability enabling unauthenticated remote code execution with changed scope (CVSS 10.0).

Authentication Bypass RCE Adobe Experience Manager Forms
NVD
CVSS 3.1
10.0
EPSS
12.8%
CVE-2025-54254
EPSS 0% CVSS 8.6
HIGH This Month

Adobe Experience Manager versions 6.5.23 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could lead to arbitrary file system read. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XXE Adobe Experience Manager Forms
NVD
CVE-2025-54253
EPSS 13% CVSS 10.0
CRITICAL POC KEV THREAT Emergency

Adobe Experience Manager versions 6.5.23 and earlier contain a misconfiguration vulnerability enabling unauthenticated remote code execution with changed scope (CVSS 10.0).

Authentication Bypass RCE Adobe +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy