Every CVE whose affected-product data names Adobe Connect, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (74)
CVE-2017-11291 — CVSS 10.0 (critical): An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A Server-Side Request Forgery (SSRF) vulnerability exists that could…
CVE-2018-12804 — CVSS 9.8 (critical): Adobe Connect versions 9.7.5 and earlier have an Authentication Bypass vulnerability. Successful exploitation could lead to session…
CVE-2021-40719 — CVSS 9.8 (critical): Adobe Connect version 11.2.3 (and earlier) is affected by a Deserialization of Untrusted Data vulnerability to achieve arbitrary method…
CVE-2016-0949 — CVSS 9.8 (critical): Adobe Connect before 9.5.2 allows remote attackers to have an unspecified impact via a crafted parameter in a URL.
CVE-2023-4661 — CVSS 9.8 (critical): Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Saphira Saphira Connect allows SQL…
CVE-2023-4662 — CVSS 9.8 (critical): Execution with Unnecessary Privileges vulnerability in Saphira Saphira Connect allows Remote Code Inclusion. This issue affects Saphira…
CVE-2018-12805 — CVSS 9.8 (critical): Adobe Connect versions 9.7.5 and earlier have an Insecure Library Loading vulnerability. Successful exploitation could lead to privilege…
CVE-2026-27303 — CVSS 9.6 (critical): Adobe Connect versions 2025.3, 12.10 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in…
CVE-2026-27243 — CVSS 9.3 (critical): Adobe Connect versions 2025.3, 12.10 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. An attacker could…
CVE-2025-43567 — CVSS 9.3 (critical): Adobe Connect versions 12.8 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability that could be abused by an…
CVE-2024-54032 — CVSS 9.3 (critical): Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by…
CVE-2024-54034 — CVSS 9.3 (critical): Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is…
CVE-2024-54036 — CVSS 9.3 (critical): Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by…
CVE-2026-27246 — CVSS 9.3 (critical): Adobe Connect versions 2025.3, 12.10 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could…
CVE-2026-34615 — CVSS 9.3 (critical): Adobe Connect versions 2025.3, 12.10 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in…
CVE-2026-27245 — CVSS 9.3 (critical): Adobe Connect versions 2025.3, 12.10 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. An attacker could…
CVE-2025-49553 — CVSS 9.3 (critical): Adobe Connect versions 12.9 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by an…
CVE-2018-4923 — CVSS 9.1 (critical): Adobe Connect versions 9.7 and earlier have an exploitable OS Command Injection. Successful exploitation could lead to arbitrary file…
CVE-2016-0948 — CVSS 8.8 (high): Cross-site request forgery (CSRF) vulnerability in Adobe Connect before 9.5.2 allows remote attackers to hijack the authentication of…
CVE-2023-4665 — CVSS 8.8 (high): Incorrect Execution-Assigned Permissions vulnerability in Saphira Saphira Connect allows Privilege Escalation. This issue affects Saphira…
CVE-2026-34617 — CVSS 8.7 (high): Adobe Connect versions 2025.3, 12.10 and earlier are affected by a Cross-Site Scripting (XSS) vulnerability that could result in privilege…
CVE-2025-49552 — CVSS 8.1 (high): Adobe Connect versions 12.9 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by a…
CVE-2024-54037 — CVSS 8.1 (high): Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be…
CVE-2021-21085 — CVSS 7.8 (high): Adobe Connect version 11.0.7 (and earlier) is affected by an Input Validation vulnerability in the export feature. An attacker could…
CVE-2016-4118 — CVSS 7.8 (high): Untrusted search path vulnerability in the installer in Adobe Connect Add-In before 11.9.976.291 on Windows allows local users to gain…
CVE-2018-4994 — CVSS 7.5 (high): Adobe Connect versions 9.7.5 and earlier have an exploitable Authentication Bypass vulnerability. Successful exploitation could lead to…
CVE-2017-3101 — CVSS 7.5 (high): Adobe Connect versions 9.6.1 and earlier have a clickjacking vulnerability. Successful exploitation could lead to a clickjacking attack.
CVE-2018-4921 — CVSS 6.1 (medium): Adobe Connect versions 9.7 and earlier have an exploitable unrestricted SWF file upload vulnerability. Successful exploitation could lead…
CVE-2016-7851 — CVSS 6.1 (medium): Adobe Connect version 9.5.6 and earlier does not adequately validate input in the events registration module. This vulnerability could be…
CVE-2017-11287 — CVSS 6.1 (medium): An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A reflected cross-site scripting vulnerability exists that can result…
CVE-2017-11288 — CVSS 6.1 (medium): An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A reflected cross-site scripting vulnerability exists that can result…
CVE-2017-11289 — CVSS 6.1 (medium): An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A reflected cross-site scripting vulnerability exists that can result…
CVE-2017-11290 — CVSS 6.1 (medium): An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A UI Redress (or Clickjacking) vulnerability exists. This issue has…
CVE-2017-3102 — CVSS 6.1 (medium): Adobe Connect versions 9.6.1 and earlier have a reflected cross-site scripting vulnerability. Successful exploitation could lead to a…
CVE-2017-3103 — CVSS 6.1 (medium): Adobe Connect versions 9.6.1 and earlier have a stored cross-site scripting vulnerability. Successful exploitation could lead to a stored…
CVE-2020-24442 — CVSS 6.1 (medium): Adobe Connect version 11.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to…
CVE-2020-24443 — CVSS 6.1 (medium): Adobe Connect version 11.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to…
CVE-2021-21079 — CVSS 6.1 (medium): Adobe Connect version 11.0.7 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. An attacker could exploit…
CVE-2021-21080 — CVSS 6.1 (medium): Adobe Connect version 11.0.7 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. An attacker could exploit…
CVE-2021-40721 — CVSS 6.1 (medium): Adobe Connect version 11.2.3 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to…
CVE-2023-29305 — CVSS 6.1 (medium): Adobe Connect versions 12.3 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to…
CVE-2023-29306 — CVSS 6.1 (medium): Adobe Connect versions 12.3 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to…
CVE-2023-4663 — CVSS 6.1 (medium): Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Saphira Saphira Connect allows Reflected…
CVE-2024-49550 — CVSS 6.1 (medium): Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is…
CVE-2024-54042 — CVSS 6.1 (medium): Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an unauthenticated…
CVE-2024-54043 — CVSS 6.1 (medium): Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an unauthenticated…
CVE-2024-54044 — CVSS 6.1 (medium): Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an unauthenticated…
CVE-2024-54045 — CVSS 6.1 (medium): Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an unauthenticated…
CVE-2024-54046 — CVSS 6.1 (medium): Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an unauthenticated…
CVE-2024-54047 — CVSS 6.1 (medium): Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an unauthenticated…
CVE-2024-54048 — CVSS 6.1 (medium): Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an unauthenticated…
CVE-2024-54049 — CVSS 6.1 (medium): Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is…
CVE-2024-54050 — CVSS 6.1 (medium): Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. An…
CVE-2024-54051 — CVSS 6.1 (medium): Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. An…
CVE-2025-30314 — CVSS 6.1 (medium): Adobe Connect versions 12.8 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an…
CVE-2025-30315 — CVSS 6.1 (medium): Adobe Connect versions 12.8 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an…
CVE-2026-21331 — CVSS 6.1 (medium): Adobe Connect versions 2025.3, 12.10 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is…
CVE-2026-34614 — CVSS 6.1 (medium): Adobe Connect versions 2025.3, 12.10 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is…
CVE-2021-36061 — CVSS 5.4 (medium): Adobe Connect version 11.2.2 (and earlier) is affected by a secure design principles violation vulnerability via the 'pbMode' parameter. An…
CVE-2021-36063 — CVSS 5.4 (medium): Adobe Connect version 11.2.2 (and earlier) is affected by a Reflected Cross-site Scripting vulnerability that could be abused by an…
CVE-2024-54039 — CVSS 5.4 (medium): Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by…
CVE-2024-54040 — CVSS 5.4 (medium): Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by…
CVE-2024-54041 — CVSS 5.4 (medium): Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by…
CVE-2021-36062 — CVSS 5.4 (medium): Adobe Connect version 11.2.2 (and earlier) is affected by a Reflected Cross-site Scripting vulnerability that could be abused by an…
CVE-2025-30316 — CVSS 5.4 (medium): Adobe Connect versions 12.8 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low…
CVE-2018-19718 — CVSS 5.3 (medium): Adobe Connect versions 9.8.1 and earlier have a session token exposure vulnerability. Successful exploitation could lead to exposure of the…
CVE-2023-22232 — CVSS 5.3 (medium): Adobe Connect versions 11.4.5 (and earlier), 12.1.5 (and earlier) are affected by an Improper Access Control vulnerability that could…
CVE-2016-0950 — CVSS 5.3 (medium): Adobe Connect before 9.5.2 allows remote attackers to spoof the user interface via unspecified vectors.
CVE-2025-54196 — CVSS 4.3 (medium): Adobe Connect versions 12.9 and earlier are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. An attacker…
CVE-2015-0343 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in admin/home/homepage/search in the web app in Adobe Connect before 9.4 allows remote attackers…
CVE-2024-54038 — CVSS 4.3 (medium): Adobe Connect versions 12.6, 11.4.7 and earlier are affected by an Improper Access Control vulnerability that could result in a Security…
CVE-2021-28579 — CVSS 4.3 (medium): Adobe Connect version 11.2.1 (and earlier) is affected by an Improper access control vulnerability that can lead to the elevation of…
CVE-2015-0344 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the web app in Adobe Connect before 9.4 allows remote attackers to inject arbitrary web script…