Bleeping Computer

Adobe issues emergency fixes for AEM Forms zero-days after PoCs released

Adobe released emergency updates for two zero-day flaws in Adobe Experience Manager (AEM) Forms on JEE after a PoC exploit chain was disclosed that can be used for unauthenticated, remote code ...
Hosted on MSN

This Adobe AEM flaw is as dangerous as they come, and it's already being exploited

Adobe patched two critical AEM flaws enabling code execution and file access without user interaction CISA added CVE-2025-54253 and CVE-2025-54254 to KEV, confirming active exploitation Agencies must ...