答案已发布4天前Last edited 4天前30 来源

Adobe六月补丁日：罕见“独角兽”级双CVSS 10分漏洞

Adobe 6月补丁日修复了123个漏洞，最引人注目的是Campaign Classic中两个罕见的CVSS 10分代码执行漏洞，Zero Day Initiative称此为“独角兽”事件，但暂无在野攻击发现。 Adobe将Campaign Classic和ColdFusion的更新评为最高优先级，暗示未来被利用的风险较高；同一天微软发布破纪录更新，修复了近200 211个CVE。

使用 Studio Global AI 搜索并核查事实浏览更多热门页面

136K0

Conceptual cybersecurity image representing Adobe June 2026 patch updates and critical vulnerabilities. — What vulnerabilities did Adobe patch in its June 2026 Patch Tuesday updates, including the two rare CVSS 10 bugs in Campaign Classic, the scAdobe's June 2026 Patch Tuesday addressed 123 vulnerabilities across 11 products, highlighted by two rare CVSS 10 bugs in Campaign Classic.
AI 提示
Create a landscape editorial hero image for this Studio Global article: What vulnerabilities did Adobe patch in its June 2026 Patch Tuesday updates, including the two rare CVSS 10 bugs in Campaign Classic, the sc. Article summary: ## Adobe June 2026 Patch Tuesday. Topic tags: general, general web, education, user generated. Reference image context from search candidates: Reference image 1: visual subject "# Security Check-in Quick Hits: Microsoft Patch Tuesday Overload, Adobe Zero-Day Fix, Booking.com Breach, and OpenAI’s Specialized Cyber AI Launch. ### Microsoft’s April 2026 Patch" source context "Microsoft Patch Tuesday Overload, Adobe Zero-Day Fix, Booking ..." Reference image 2: visual subject "# Security Check-in Quick Hits: Microsoft Patch Tuesday Overload, Adobe Zero-Day Fix, Booking.com Breach, and OpenAI’s Specialized Cyber AI Launch. ### Microsoft’s April 2026 Patch" source co
openai.com

2026年6月9日，Adobe发布了一次大规模安全更新，总共修复了横跨11款产品的123个漏洞 。这次发布因一个罕见事件而格外引人注目：Adobe Campaign Classic（APSB26-66）的一份安全公告中，竟然包含了两个CVSS严重性评分均为满分10分的漏洞。此外，这次重要补丁日还包含了对ColdFusion、Acrobat Reader、InDesign和Experience Manager的关键修复，并与微软有史以来规模最大的月度安全更新同时到来。

Campaign Classic中的“独角兽”：双CVSS 10分漏洞

此次更新最引人注目的部分在于Adobe Campaign Classic。该公告解决了可能导致任意代码执行的严重漏洞，其中两个漏洞的通用漏洞评分系统（CVSS，用于评估软件漏洞严重程度的行业标准，10分为最高）评分达到了满分10分。

正如零日计划（Zero Day Initiative）在其分析中指出的：“一个CVSS 10分漏洞已属罕见；同一份公告中出现两个，简直是‘独角兽’一样的存在” 。满分的CVSS评分意味着该漏洞易于远程利用，无需用户交互，并且可能对机密性、完整性和可用性造成灾难性影响。

虽然Adobe表示在发布时尚未发现有针对这些Campaign Classic漏洞的活跃攻击，但安全研究人员仍敦促用户立即修补，并预计业界将投入大量精力研究并构建概念验证（PoC）攻击代码。该修复适用于Windows和Linux平台上ACC v7 build 9394及更早版本的Campaign Classic 。

Studio Global AI

Search, cite, and publish your own answer

Use this topic as a starting point for a fresh source-backed answer, then compare citations before you share it.

使用 Studio Global AI 搜索并核查事实

人们还问