Bulletin ID
Last updated on
Jun 12, 2026
Security updates available for Adobe Campaign Classic | APSB26-66
|
|
Date Published |
Priority |
|
APSB26-66 |
June 9, 2026 |
1 |
Summary
Adobe has released security updates for Adobe Campaign Classic. This update addresses critical vulnerabilities that could result in arbitrary code execution.
Affected versions
| Product | Affected version | Platform |
|---|---|---|
| Adobe Campaign Classic |
ACC v7: 7.4.3 build 9394 and earlier | Windows, Linux |
Solution
Adobe categorizes these updates with the following priority rating and recommends users update their installation to the newest version:
| Product | Updated version | Platform | Priority rating | Availability |
|---|---|---|---|---|
| Adobe Campaign Classic |
ACC v7: 7.4.3 build 9396 | Windows, Linux | 1 |
Note
This security advisory applies to on-premise Adobe Campaign instances only, including fully on-premise deployments and on-premise components in hybrid deployments. No action is required for Adobe-hosted instances; those environments have already been remediated.
Vulnerability Details
|
Vulnerability Category |
Vulnerability Impact |
Severity |
CVSS base score |
CVE Number |
|
|
Incorrect Authorization (CWE-863) |
Arbitrary code execution |
Critical |
10.0 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H |
CVE-2026-48303 |
|
Incorrect Authorization (CWE-863) |
Arbitrary code execution |
Critical |
10.0 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H |
CVE-2026-47938 |
Acknowledgments
Adobe would like to thank the following researchers for reporting this issue and for working with Adobe to help protect our customers.
- Jamie Parfet - CVE-2026-48303
NOTE: Adobe has a public bug bounty program with HackerOne. If you are interested in working with Adobe as an external security researcher, please check us out here: https://hackerone.com/adobe.
For more information, visit https://helpx.adobe.com/security.html, or email PSIRT@adobe.com
