Poor old Adobe. It seems that the image manipulation and video streaming company has been cursed by St Eve of Cupertino.
Ever since Apple boss Steve Jobs announced that he wouldn't be using Flash on any of his new toys because it was buggy (an accusation vigorously denied by various Adobe top brass) the bugs have been coming thick and fast.
The latest, announced by Adobe yesterday, is a critical vulnerability in Flash Player version 10.0.42.34 and earlier. The flaw could subvert the domain sandbox and allow or make unauthorised cross-domain requests.
Updating to the latest versions of both Flash and Air should plug the hole.