Alert GCSA-26006 - Adobe Monthly Security Update - gennaio 2026
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
******************************************************************
alert ID: GCSA-26006
data: 14 Gennaio 2026
titolo: Adobe Monthly Security Update - gennaio 2026
******************************************************************
:: Descrizione del problema
Adobe ha rilasciato i seguenti aggiornamenti di sicurezza
con i quali risolve quasi 140 vulnerabilita'.
APSB26-01 : Security update available for Adobe DreamWeaver
APSB26-02 : Security update available for Adobe InDesign
APSB26-03 : Security update available for Adobe Illustrator
APSB26-04 : Security update available for Adobe InCopy
APSB26-07 : Security update available for Adobe Bridge
APSB26-08 : Security update available for Adobe Substance 3D Modeler
APSB26-09 : Security update available for Adobe Substance 3D Stager
APSB26-10 : Security update available for Adobe Substance 3D Painter
APSB26-11 : Security update available for Adobe Substance 3D Sampler
APSB26-12 : Security update available for Adobe Coldfusion
APSB26-13 : Security update available for Adobe Substance 3D Designer
Maggiori informazioni sono disponibili alla sezione "Riferimenti".
:: Software interessato
Dreamweaver, versione 21.6 e precedenti per Windows e macOS
InDesign ID21.x, versione ID21.0 per Windows e macOS
InDesign, versione ID19.5.5 e precedenti per Windows e macOS
Illustrator 2025, versione 29.8.3 e precedenti per Windows
Illustrator 2026, versione 30.0 e precedenti per Windows
InCopy 21.x, versione 21.0 per Windows e macOS
InCopy, versione 19.5.5 e precedenti per Windows e macOS
Bridge, versione 15.1.2 (LTS) e precedenti per Windows e macOS
Bridge 16.x, versione 16.0 per Windows e macOS
Substance 3D Modeler, versione 1.22.4 e precedenti
Substance 3D Stager, versione 3.1.5 e precedenti per Windows e macOS
Substance 3D Painter, versione 11.0.3 e precedenti
Substance 3D Sampler, versione 5.1.0 e precedenti
ColdFusion 2025, Update 5 e versioni precedenti
ColdFusion 2023, Update 17 e versioni precedenti
Substance 3D Designer, versione 15.0.3 e precedenti
:: Impatto
Esecuzione remota di codice arbitrario (RCE)
Arbitrary File Write
:: Soluzioni
Aggiornare i prodotti alle versioni piu' recenti
Dreamweaver 21.7
InDesign ID21.2 e ID20.5.1
Illustrator 2025 29.8.4 e superiori
Illustrator 2026 30.1 e superiori
InCopy 21.1
InCopy 20.5.1
Bridge 15.1.3 (LTS)
Bridge 16.0.1
Substance 3D Modeler 1.22.4
Substance 3D Stager 3.1.6
Substance 3D Painter 11.1.2
Substance 3D Sampler 5.1.3
Coldfusion 2025 Update 6
Coldfusion 2023 Update 18
Substance 3D Designer 15.1.0
:: Riferimenti
Adobe Security Bulletins e Advisories
https://helpx.adobe.com/security.html
https://helpx.adobe.com/security.html/security/security-bulletin.html
https://helpx.adobe.com/security/products/dreamweaver/apsb26-01.html
https://helpx.adobe.com/security/products/indesign/apsb26-02.html
https://helpx.adobe.com/security/products/illustrator/apsb26-03.html
https://helpx.adobe.com/security/products/incopy/apsb26-04.html
https://helpx.adobe.com/security/products/bridge/apsb26-07.html
https://helpx.adobe.com/security/products/substance3d-modeler/apsb26-08.html
https://helpx.adobe.com/security/products/substance3d_stager/apsb26-09.html
https://helpx.adobe.com/security/products/substance3d_painter/apsb26-10.html
https://helpx.adobe.com/security/products/substance3d-sampler/apsb26-11.html
https://helpx.adobe.com/security/products/coldfusion/apsb26-12.html
https://helpx.adobe.com/security/products/substance3d_designer/apsb26-13.html
CSIRT Italia
https://www.acn.gov.it/portale/w/adobe-aggiornamenti-di-sicurezza-11
Mitre CVE
I riferimenti CVE sono disponibili nell'advisory originale.
GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iF0EAREIAB0WIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCaWd+SAAKCRDBnEyTZRJg
Qg7rAKDF58mf/s1JE1mhsPaqMXW04FPKcwCfbn43mqDP+npSClq1zF2TS04u0tc=
=D1Pg
-----END PGP SIGNATURE-----
Hash: SHA256
******************************************************************
alert ID: GCSA-26006
data: 14 Gennaio 2026
titolo: Adobe Monthly Security Update - gennaio 2026
******************************************************************
:: Descrizione del problema
Adobe ha rilasciato i seguenti aggiornamenti di sicurezza
con i quali risolve quasi 140 vulnerabilita'.
APSB26-01 : Security update available for Adobe DreamWeaver
APSB26-02 : Security update available for Adobe InDesign
APSB26-03 : Security update available for Adobe Illustrator
APSB26-04 : Security update available for Adobe InCopy
APSB26-07 : Security update available for Adobe Bridge
APSB26-08 : Security update available for Adobe Substance 3D Modeler
APSB26-09 : Security update available for Adobe Substance 3D Stager
APSB26-10 : Security update available for Adobe Substance 3D Painter
APSB26-11 : Security update available for Adobe Substance 3D Sampler
APSB26-12 : Security update available for Adobe Coldfusion
APSB26-13 : Security update available for Adobe Substance 3D Designer
Maggiori informazioni sono disponibili alla sezione "Riferimenti".
:: Software interessato
Dreamweaver, versione 21.6 e precedenti per Windows e macOS
InDesign ID21.x, versione ID21.0 per Windows e macOS
InDesign, versione ID19.5.5 e precedenti per Windows e macOS
Illustrator 2025, versione 29.8.3 e precedenti per Windows
Illustrator 2026, versione 30.0 e precedenti per Windows
InCopy 21.x, versione 21.0 per Windows e macOS
InCopy, versione 19.5.5 e precedenti per Windows e macOS
Bridge, versione 15.1.2 (LTS) e precedenti per Windows e macOS
Bridge 16.x, versione 16.0 per Windows e macOS
Substance 3D Modeler, versione 1.22.4 e precedenti
Substance 3D Stager, versione 3.1.5 e precedenti per Windows e macOS
Substance 3D Painter, versione 11.0.3 e precedenti
Substance 3D Sampler, versione 5.1.0 e precedenti
ColdFusion 2025, Update 5 e versioni precedenti
ColdFusion 2023, Update 17 e versioni precedenti
Substance 3D Designer, versione 15.0.3 e precedenti
:: Impatto
Esecuzione remota di codice arbitrario (RCE)
Arbitrary File Write
:: Soluzioni
Aggiornare i prodotti alle versioni piu' recenti
Dreamweaver 21.7
InDesign ID21.2 e ID20.5.1
Illustrator 2025 29.8.4 e superiori
Illustrator 2026 30.1 e superiori
InCopy 21.1
InCopy 20.5.1
Bridge 15.1.3 (LTS)
Bridge 16.0.1
Substance 3D Modeler 1.22.4
Substance 3D Stager 3.1.6
Substance 3D Painter 11.1.2
Substance 3D Sampler 5.1.3
Coldfusion 2025 Update 6
Coldfusion 2023 Update 18
Substance 3D Designer 15.1.0
:: Riferimenti
Adobe Security Bulletins e Advisories
https://helpx.adobe.com/security.html
https://helpx.adobe.com/security.html/security/security-bulletin.html
https://helpx.adobe.com/security/products/dreamweaver/apsb26-01.html
https://helpx.adobe.com/security/products/indesign/apsb26-02.html
https://helpx.adobe.com/security/products/illustrator/apsb26-03.html
https://helpx.adobe.com/security/products/incopy/apsb26-04.html
https://helpx.adobe.com/security/products/bridge/apsb26-07.html
https://helpx.adobe.com/security/products/substance3d-modeler/apsb26-08.html
https://helpx.adobe.com/security/products/substance3d_stager/apsb26-09.html
https://helpx.adobe.com/security/products/substance3d_painter/apsb26-10.html
https://helpx.adobe.com/security/products/substance3d-sampler/apsb26-11.html
https://helpx.adobe.com/security/products/coldfusion/apsb26-12.html
https://helpx.adobe.com/security/products/substance3d_designer/apsb26-13.html
CSIRT Italia
https://www.acn.gov.it/portale/w/adobe-aggiornamenti-di-sicurezza-11
Mitre CVE
I riferimenti CVE sono disponibili nell'advisory originale.
GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iF0EAREIAB0WIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCaWd+SAAKCRDBnEyTZRJg
Qg7rAKDF58mf/s1JE1mhsPaqMXW04FPKcwCfbn43mqDP+npSClq1zF2TS04u0tc=
=D1Pg
-----END PGP SIGNATURE-----