Adobe Incopy
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Adobe Incopy.
Recent Adobe Incopy Security Advisories
| Advisory | Title | Published |
|---|---|---|
| APSB25-80 | Security Update Available for Adobe InCopy | APSB25-80 | August 12, 2025 |
| APSB25-59 | Security Update Available for Adobe InCopy | APSB25-59 | July 8, 2025 |
| APSB25-41 | Security Update Available for Adobe InCopy | APSB25-41 | June 10, 2025 |
| APSB25-10 | Security Update Available for Adobe InCopy | APSB25-10 | February 11, 2025 |
| APSB24-79 | Security Update Available for Adobe InCopy | APSB24-79 | October 8, 2024 |
| APSB24-64 | Security Update Available for Adobe InCopy | APSB24-64 | August 13, 2024 |
| APSB23-60 | Security Update Available for Adobe InCopy | APSB23-60 | November 14, 2023 |
| APSB23-13 | Security Update Available for Adobe InCopy | APSB23-13 | April 11, 2023 |
| APSB23-08 | Security Update Available for Adobe InCopy | APSB23-08 | January 10, 2023 |
| APSB22-53 | Security Update Available for Adobe InCopy | APSB21-05 APSB22-53 | September 13, 2022 |
By the Year
In 2025 there have been 14 vulnerabilities in Adobe Incopy with an average score of 7.8 out of ten. Last year, in 2024 Incopy had 2 security vulnerabilities published. That is, 12 more vulnerabilities have already been reported in 2025 as compared to last year. Interestingly, the average vulnerability score and the number of vulnerabilities for 2025 and last year was the same.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2025 | 14 | 7.80 |
| 2024 | 2 | 7.80 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 2 | 7.80 |
It may take a day or so for new Incopy vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Adobe Incopy Security Vulnerabilities
Adobe InCopy UAF (<20.4/19.5.4) via Malicious File
CVE-2025-54223
7.8 - High
- August 12, 2025
InCopy versions 20.4, 19.5.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Dangling pointer
Adobe InCopy OOB Write -> Arbitrary Code Execution (CVE-2025-54221)
CVE-2025-54221
7.8 - High
- August 12, 2025
InCopy versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Adobe InCopy Heap BOV (RCE) v <= 20.4
CVE-2025-54220
7.8 - High
- August 12, 2025
InCopy versions 20.4, 19.5.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Heap-based Buffer Overflow
Heap-buffer overflow in InCopy <20.4 via malicious file
CVE-2025-54219
7.8 - High
- August 12, 2025
InCopy versions 20.4, 19.5.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Heap-based Buffer Overflow
Adobe InCopy <=20.4 OOB Write via Malicious File
CVE-2025-54218
7.8 - High
- August 12, 2025
InCopy versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Adobe InCopy <20.5 Heap Buffer Overflow
CVE-2025-54217
7.8 - High
- August 12, 2025
InCopy versions 20.4, 19.5.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Heap-based Buffer Overflow
Adobe InCopy OOB in File Parser Before 20.4
CVE-2025-54216
7.8 - High
- August 12, 2025
InCopy versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
InCopy <=20.4 OOB Write via Malicious File
CVE-2025-54215
7.8 - High
- August 12, 2025
InCopy versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Adobe InCopy <=20.3 Heap Buffer Overflow -> Code Exec via Malicious File
CVE-2025-47099
7.8 - High
- July 08, 2025
InCopy versions 20.3, 19.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Heap-based Buffer Overflow
Adobe InCopy <20.3 Uninitialized Pointer CVE-2025-47098 Code Exec via File
CVE-2025-47098
7.8 - High
- July 08, 2025
InCopy versions 20.3, 19.5.3 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Access of Uninitialized Pointer
Adobe InCopy 20.3 and earlier: Integer Underflow CVE-2025-47097
CVE-2025-47097
7.8 - High
- July 08, 2025
InCopy versions 20.3, 19.5.3 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Integer underflow
InCopy <20.3 Heap Buffer Overflow (Arbitrary Code Exec)
CVE-2025-47107
7.8 - High
- June 10, 2025
InCopy versions 20.2, 19.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Heap-based Buffer Overflow
InCopy Integer Overflow in 20.2/19.5.3 – Vulnerable to Arbitrary Code Execution
CVE-2025-30327
7.8 - High
- June 10, 2025
InCopy versions 20.2, 19.5.3 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Integer Overflow or Wraparound
Adobe InCopy <20.0: Integer Underflow Arbitrary Code Exec
CVE-2025-21156
7.8 - High
- February 11, 2025
InCopy versions 20.0, 19.5.1 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Integer underflow
Adobe InCopy <19.4, <18.5.3: Unsafe File Upload Remote Code Exec (CVE-2024-45136)
CVE-2024-45136
7.8 - High
- October 09, 2024
InCopy versions 19.4, 18.5.3 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in arbitrary code execution by an attacker. An attacker could exploit this vulnerability by uploading a malicious file which can then be executed on the server. Exploitation of this issue requires user interaction.
Unrestricted File Upload
Adobe InCopy <=19.4 Integer Overflow Allowing Arbitrary Code Exec
CVE-2024-41858
7.8 - High
- August 14, 2024
InCopy versions 18.5.2, 19.4 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Integer Overflow or Wraparound
Adobe InCopy version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious XML file
CVE-2021-39819
7.8 - High
- September 27, 2021
Adobe InCopy version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious XML file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
Buffer Overflow
Adobe InCopy version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious TIFF file
CVE-2021-39818
7.8 - High
- September 27, 2021
Adobe InCopy version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious TIFF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
Buffer Overflow
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Adobe Incopy or by Adobe? Click the Watch button to subscribe.
