Synced 16 Jun 2026 15:24 UTC Account
← Flash Player

Flash Player vulnerabilities: known CVEs & security history

Adobe · Actively exploited · 1084 tracked CVEs · 36 actively exploited · updated June 2026 · what is a CVE? →

This is the full list of known vulnerabilities (CVEs) across all Flash Player release lines — 1084 in total, with 36 actively exploited in the wild. A CVE here doesn't mean your version is affected — check Flash Player's current status and the safe version to run.

1084
known CVEs
36
actively exploited (KEV)
50
critical severity
4
ransomware-linked

Known Flash Player CVEs

Actively-exploited and most-severe first. Showing the top 80 of 1084. Open any CVE for full details.

CVESeverityCVSSEPSSYear
CVE-2016-4171⚡ exploited critical 9.8 20% 2016
CVE-2016-4117⚡ exploited critical 9.8 94% 2016
CVE-2016-1019⚡ exploited critical 9.8 22% 2016
CVE-2015-5123⚡ exploited critical 9.8 18% 2015
CVE-2015-5122⚡ exploited critical 9.8 94% 2015
CVE-2015-5119⚡ exploited critical 9.8 99% 2015
CVE-2015-3113⚡ exploited critical 9.8 100% 2015
CVE-2015-3043⚡ exploited critical 9.8 80% 2015
CVE-2015-0313⚡ exploited critical 9.8 96% 2015
CVE-2015-0311⚡ exploited critical 9.8 86% 2015
CVE-2014-0497⚡ exploited critical 9.8 100% 2014
CVE-2017-11292⚡ exploited high 8.8 12% 2017
CVE-2016-7892⚡ exploited high 8.8 19% 2016
CVE-2016-7855⚡ exploited high 8.8 25% 2016
CVE-2016-1010⚡ exploited high 8.8 20% 2016
CVE-2016-0984⚡ exploited high 8.8 55% 2016
CVE-2015-8651⚡ exploited high 8.8 68% 2015
CVE-2014-8439⚡ exploited high 8.8 20% 2014
CVE-2014-0502⚡ exploited high 8.8 24% 2014
CVE-2013-0648⚡ exploited high 8.8 11% 2013
CVE-2013-0643⚡ exploited high 8.8 11% 2013
CVE-2012-5054⚡ exploited high 8.8 21% 2012
CVE-2011-0611⚡ exploited high 8.8 99% 2011
CVE-2012-0754⚡ exploited high 8.1 92% 2012
CVE-2018-15982⚡ exploited high 7.8 82% 2019
CVE-2018-5002⚡ exploited high 7.8 25% 2018
CVE-2018-4878⚡ exploited high 7.8 90% 2018
CVE-2015-7645⚡ exploited high 7.8 68% 2015
CVE-2015-0310⚡ exploited high 7.8 15% 2015
CVE-2014-9163⚡ exploited high 7.8 20% 2014
CVE-2012-1535⚡ exploited high 7.8 70% 2012
CVE-2011-0609⚡ exploited high 7.8 67% 2011
CVE-2010-1297⚡ exploited high 7.8 82% 2010
CVE-2009-1862⚡ exploited high 7.8 25% 2009
CVE-2012-2034⚡ exploited high 7.5 8% 2012
CVE-2012-0767⚡ exploited medium 6.1 7% 2012
CVE-2015-8459 critical 10 6% 2015
CVE-2020-9633 critical 9.8 8% 2020
CVE-2019-8070 critical 9.8 6% 2019
CVE-2019-8069 critical 9.8 5% 2019
CVE-2019-7096 critical 9.8 6% 2019
CVE-2018-15981 critical 9.8 12% 2018
CVE-2018-12828 critical 9.8 7% 2018
CVE-2018-12825 critical 9.8 7% 2018
CVE-2018-4944 critical 9.8 9% 2018
CVE-2018-4877 critical 9.8 9% 2018
CVE-2017-3114 critical 9.8 6% 2017
CVE-2017-3112 critical 9.8 6% 2017
CVE-2017-11225 critical 9.8 6% 2017
CVE-2017-11215 critical 9.8 6% 2017
CVE-2017-11213 critical 9.8 7% 2017
CVE-2017-11282 critical 9.8 35% 2017
CVE-2017-11281 critical 9.8 34% 2017
CVE-2016-0959 critical 9.8 5% 2017
CVE-2017-3084 critical 9.8 9% 2017
CVE-2017-3083 critical 9.8 14% 2017
CVE-2017-3082 critical 9.8 12% 2017
CVE-2017-3081 critical 9.8 14% 2017
CVE-2017-3079 critical 9.8 7% 2017
CVE-2017-3078 critical 9.8 31% 2017
CVE-2017-3077 critical 9.8 22% 2017
CVE-2017-3076 critical 9.8 25% 2017
CVE-2017-3075 critical 9.8 9% 2017
CVE-2017-3063 critical 9.8 9% 2017
CVE-2017-3062 critical 9.8 10% 2017
CVE-2017-3061 critical 9.8 25% 2017
CVE-2017-3060 critical 9.8 8% 2017
CVE-2017-3059 critical 9.8 10% 2017
CVE-2016-4163 critical 9.8 6% 2016
CVE-2016-4162 critical 9.8 6% 2016
CVE-2016-4161 critical 9.8 6% 2016
CVE-2016-4160 critical 9.8 6% 2016
CVE-2016-4138 critical 9.8 25% 2016
CVE-2016-4121 critical 9.8 10% 2016
CVE-2016-4120 critical 9.8 6% 2016
CVE-2015-8457 high 10 9% 2015
CVE-2015-8455 high 10 6% 2015
CVE-2015-8454 high 10 7% 2015
CVE-2015-8452 high 10 7% 2015
CVE-2015-8451 high 10 6% 2015

1004 older / lower-severity CVEs not shown — see Flash Player's full record.

Is my Flash Player version affected?

The list above spans every release. To know whether your version is affected — and the minimum safe version to upgrade to — check it directly.

Check your Flash Player version → · Monitor Flash Player for new CVEs →

Flash Player vulnerabilities — frequently asked

How many known vulnerabilities does Flash Player have?

IsItPatched tracks 1084 CVEs for Flash Player, 36 of which are actively exploited (CISA KEV). 50 are critical-severity and 927 high-severity. These span every release line — what matters is whether the version you run is affected.

Does Flash Player have any actively-exploited vulnerabilities?

Yes — 36 Flash Player CVEs are in CISA's Known Exploited Vulnerabilities catalog, meaning they are confirmed exploited in the wild (4 linked to ransomware). Patch these as a priority.

What is the most severe Flash Player vulnerability?

Among tracked issues, CVE-2016-4171 (CRITICAL, CVSS 9.8), which is actively exploited, ranks highest.

Is Flash Player safe to use?

It depends on the version. The latest supported Flash Player release clears the known issues; older versions may still be affected. Check the exact version you run for a verdict.

CVE data aggregated from NVD, CISA KEV and EPSS (FIRST.org). Related: Flash Player security status · Flash Player end-of-life · actively-exploited CVEs. Always verify against Adobe's advisories — see our disclaimer.