Adobe Framemaker
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Adobe Framemaker.
Recent Adobe Framemaker Security Advisories
| Advisory | Title | Published |
|---|---|---|
| APSB25-101 | Security Updates Available for Adobe Framemaker | APSB25-101 | October 14, 2025 |
| APSB25-83 | Security Updates Available for Adobe Framemaker | APSB25-83 | August 12, 2025 |
| APSB25-66 | Security Updates Available for Adobe Framemaker | APSB25-66 | July 8, 2025 |
| APSB25-33 | Security Updates Available for Adobe Framemaker | APSB25-33 | April 8, 2025 |
| APSB24-106 | Security Updates Available for Adobe Framemaker | APSB24-106 | December 10, 2024 |
| APSB24-82 | Security Updates Available for Adobe Framemaker | APSB24-37 APSB24-82 | October 8, 2024 |
| APSB24-38 | Security Updates Available for Adobe Framemaker | APSB24-38 | June 11, 2024 |
| APSB24-37 | Security Updates Available for Adobe Framemaker | APSB24-37 | May 14, 2024 |
| APSB24-10 | Security Updates Available for Adobe Framemaker | APSB24-10 | February 13, 2024 |
| APSB23-58 | Security Updates Available for Adobe Framemaker | APSB23-58 | November 14, 2023 |
By the Year
In 2025 there have been 32 vulnerabilities in Adobe Framemaker with an average score of 7.3 out of ten. Last year, in 2024 Framemaker had 14 security vulnerabilities published. That is, 18 more vulnerabilities have already been reported in 2025 as compared to last year. Last year, the average CVE base score was greater by 0.01
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2025 | 32 | 7.30 |
| 2024 | 14 | 7.31 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 3 | 3.30 |
| 2020 | 5 | 8.80 |
| 2019 | 0 | 0.00 |
| 2018 | 1 | 7.80 |
It may take a day or so for new Framemaker vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Adobe Framemaker Security Vulnerabilities
Adobe Framemaker Heap-Base Buffer Overflow before 2022.7 (CVE-2025-54282)
CVE-2025-54282
7.8 - High
- October 14, 2025
Adobe Framemaker versions 2020.9, 2022.7 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Heap-based Buffer Overflow
Adobe Framemaker UAF before 2023.0 allow arbitrary code exec
CVE-2025-54281
7.8 - High
- October 14, 2025
Adobe Framemaker versions 2020.9, 2022.7 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Dangling pointer
Adobe Framemaker 2020.8-2022.6 OOB Read – Sensitive Data Disclosure
CVE-2025-54233
5.5 - Medium
- August 12, 2025
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Out-of-bounds Read
Adobe Framemaker UAF in 2020.8/2022.6 and earlier
CVE-2025-54232
7.8 - High
- August 12, 2025
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Dangling pointer
Adobe FrameMaker UAF in <2022.6, victim opens malicious file
CVE-2025-54231
7.8 - High
- August 12, 2025
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Dangling pointer
Adobe Framemaker 2020.8/2022.6 – UAF via malicious file
CVE-2025-54230
7.8 - High
- August 12, 2025
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Dangling pointer
Adobe Framemaker UAF (2020.8/2022.6 and earlier)
CVE-2025-54229
7.8 - High
- August 12, 2025
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Dangling pointer
Adobe Framemaker OOB Write CVE-2025-47129
CVE-2025-47129
7.8 - High
- July 08, 2025
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Adobe Framemaker 2020.8–2022.6 Uninitialized Pointer vuln (arbitrary code exec)
CVE-2025-47121
7.8 - High
- July 08, 2025
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Access of Uninitialized Pointer
Adobe Framemaker < 2022.6 Heap Overflow -> Remote Code Exec
CVE-2025-47122
7.8 - High
- July 08, 2025
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Heap-based Buffer Overflow
CVE-2025-47123: Adobe Framemaker Heap Buffer Overflow 2020.8-2022.6
CVE-2025-47123
7.8 - High
- July 08, 2025
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Heap-based Buffer Overflow
Adobe Framemaker OOB Write RCE in 2020.8/2022.6 and earlier
CVE-2025-47124
7.8 - High
- July 08, 2025
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Adobe Framemaker <= 2022.6 Heap Buffer Overflow (CVE-2025-47125)
CVE-2025-47125
7.8 - High
- July 08, 2025
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Heap-based Buffer Overflow
CVE-2025-47126 Adobe Framemaker OOB Write on 2020.8/2022.6 Leading to Code Exec
CVE-2025-47126
7.8 - High
- July 08, 2025
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Adobe FrameMaker OOB Write Vulnerability (<=2022.6)
CVE-2025-47127
7.8 - High
- July 08, 2025
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Adobe Framemaker <2022.6 Integer Underflow leads to ACE (user-triggered)
CVE-2025-47128
7.8 - High
- July 08, 2025
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Integer underflow
Adobe Framemaker 2020.8–2022.6 Integer Underflow leads to RCE
CVE-2025-47130
7.8 - High
- July 08, 2025
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Integer underflow
Adobe FrameMaker <2023: Heap BOF Allows Arbitrary Exec
CVE-2025-47131
7.8 - High
- July 08, 2025
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Heap-based Buffer Overflow
Adobe Framemaker OOB Write CVE-2025-47132 (<= 2022.6)
CVE-2025-47132
7.8 - High
- July 08, 2025
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Adobe FrameMaker OOB Write v2020.8/2022.6: Arbitrary Code Exec
CVE-2025-47133
7.8 - High
- July 08, 2025
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Adobe FrameMaker <2022.6 Buffer Overflow via Malicious File
CVE-2025-47120
5.5 - Medium
- July 08, 2025
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Stack Overflow
CVE-2025-47119: Adobe Framemaker NULL PTR Deref (2020.8/2022.6)
CVE-2025-47119
5.5 - Medium
- July 08, 2025
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing a disruption in service. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
NULL Pointer Dereference
Stack-based Buffer Overflow in Adobe Framemaker <=2022.6
CVE-2025-30298
7.8 - High
- April 08, 2025
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Adobe FrameMaker OOB Read (ASLR Bypass) before 2022.7
CVE-2025-30303
5.5 - Medium
- April 08, 2025
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Out-of-bounds Read
Adobe FrameMaker OOBR before 2022.6 reveals memory, bypasses ASLR
CVE-2025-30302
5.5 - Medium
- April 08, 2025
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Out-of-bounds Read
Adobe Framemaker Null Deref in Document Parser Prior to 2022.6
CVE-2025-30301
5.5 - Medium
- April 08, 2025
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
NULL Pointer Dereference
Adobe FrameMaker before 2023 NULL Pointer Deref. -> DoS
CVE-2025-30300
5.5 - Medium
- April 08, 2025
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial of service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
NULL Pointer Dereference
Adobe Framemaker <2020.8/2022.6: Heap Buffer Overflow
CVE-2025-30299
7.8 - High
- April 08, 2025
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Adobe Framemaker OOB Write CVE-2025-30297 – 2020.8/2022.6 (Code Exec)
CVE-2025-30297
7.8 - High
- April 08, 2025
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Adobe FrameMaker 2020.8-2022.6 int. underflow -> arbitrary code exec
CVE-2025-30296
7.8 - High
- April 08, 2025
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Integer underflow
Adobe Framemaker Heap-Based Buffer Overflow 2020.8-2022.6 (Arbitrary Code Exec)
CVE-2025-30295
7.8 - High
- April 08, 2025
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Adobe Framemaker OOB Write CVE-2025-30304 (<= 2022.6)
CVE-2025-30304
7.8 - High
- April 08, 2025
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Adobe Framemaker Stack-based Buffer Overflow Vulnerability
CVE-2024-53959
7.8 - High
- December 10, 2024
Adobe Framemaker versions 2020.7, 2022.5 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Adobe Framemaker 2020.6/2022.4 Integer Underflow Enables Code Exec
CVE-2024-47425
7.8 - High
- October 09, 2024
Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Integer underflow
Adobe FrameMaker OOB Read in 2022.4 via crafted file
CVE-2024-47421
7.8 - High
- October 09, 2024
Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Out-of-bounds Read
Adobe Framemaker <=2022.4 Untrusted Search Path Enables XEC
CVE-2024-47422
7.8 - High
- October 09, 2024
Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an Untrusted Search Path vulnerability that could lead to arbitrary code execution. An attacker could exploit this vulnerability by inserting a malicious path into the search directories, which the application could unknowingly execute. This could allow the attacker to execute arbitrary code in the context of the current user. Exploitation of this issue requires user interaction.
Untrusted Path
Ad. Framemaker 2022.4 Unrestricted Upload File Code Exec
CVE-2024-47423
7.8 - High
- October 09, 2024
Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in arbitrary code execution. An attacker could exploit this vulnerability by uploading a malicious file which can be automatically processed or executed by the system. Exploitation of this issue requires user interaction.
Unrestricted File Upload
Adobe Framemaker2022.4 Integer Overflow RCE
CVE-2024-47424
7.8 - High
- October 09, 2024
Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Integer Overflow or Wraparound
Adobe Framemaker OOB Write CVE-2024-30290 (2022.3)
CVE-2024-30290
7.8 - High
- May 16, 2024
Adobe Framemaker versions 2020.5, 2022.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Adobe Framemaker OOB Write Arbitrary Code Exec in v2022.3
CVE-2024-30291
7.8 - High
- May 16, 2024
Adobe Framemaker versions 2020.5, 2022.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Adobe FrameMaker 2022.3 OOBW Causing Arbitrary Code Exec
CVE-2024-30292
7.8 - High
- May 16, 2024
Adobe Framemaker versions 2020.5, 2022.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Adobe FrameMaker Stack-based BufOvfl in v2020.5-2022.3
CVE-2024-30289
7.8 - High
- May 16, 2024
Adobe Framemaker versions 2020.5, 2022.3 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Adobe FrameMaker Heap-based Buffer Overflow (pre2023) Arbitrary Code Exec
CVE-2024-30288
7.8 - High
- May 16, 2024
Adobe Framemaker versions 2020.5, 2022.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Adobe Framemaker OOB Read CVE-2024-30287 (before 2022.3)
CVE-2024-30287
5.5 - Medium
- May 16, 2024
Adobe Framemaker versions 2020.5, 2022.3 and earlier Answer: are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Out-of-bounds Read
Adobe Framemaker <2020.5 OOB Read Allowing ASLR Bypass via Document Component
CVE-2024-30286
5.5 - Medium
- May 16, 2024
Adobe Framemaker versions 2020.5, 2022.3 and earlier Answer: are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Out-of-bounds Read
Adobe FrameMaker OOB Read CVE-2024-30283 (before 2022.3)
CVE-2024-30283
5.5 - Medium
- May 16, 2024
Adobe Framemaker versions 2020.5, 2022.3 and earlier Answer: are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Out-of-bounds Read
Adobe Framemaker versions 2019 Update 8 (and earlier) and 2020 Release Update 2 (and earlier) are affected by an out-of-bounds read vulnerability
CVE-2021-39865
3.3 - Low
- September 29, 2021
Adobe Framemaker versions 2019 Update 8 (and earlier) and 2020 Release Update 2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Out-of-bounds Read
Adobe Framemaker versions 2019 Update 8 (and earlier) and 2020 Release Update 2 (and earlier) are affected by an out-of-bounds read vulnerability
CVE-2021-40697
3.3 - Low
- September 29, 2021
Adobe Framemaker versions 2019 Update 8 (and earlier) and 2020 Release Update 2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Out-of-bounds Read
Adobe Framemaker versions 2019 Update 8 (and earlier) and 2020 Release Update 2 (and earlier) are affected by an out-of-bounds read vulnerability
CVE-2021-39862
3.3 - Low
- September 29, 2021
Adobe Framemaker versions 2019 Update 8 (and earlier) and 2020 Release Update 2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Out-of-bounds Read
Adobe Framemaker versions 2019.0.5 and below have an out-of-bounds write vulnerability
CVE-2020-9634
8.8 - High
- June 12, 2020
Adobe Framemaker versions 2019.0.5 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.
Memory Corruption
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Adobe Framemaker or by Adobe? Click the Watch button to subscribe.
