Dng Software Development Kit
CVE-2026-21354
MEDIUM
Severity by source
AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Lifecycle Timeline
2DescriptionCVE.org
DNG SDK versions 1.7.1 2410 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to cause the application to crash or become unresponsive. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
AnalysisAI
DNG SDK 1.7.1 (build 2410) and earlier contain an integer overflow vulnerability that causes application denial-of-service when processing malicious files. Local attackers can exploit this flaw by tricking users into opening a specially crafted file, resulting in application crashes or hangs. No patch is currently available.
Technical ContextAI
Classified as CWE-190 (Integer Overflow or Wraparound). Affects Dng Software Development Kit. DNG SDK versions 1.7.1 2410 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to cause the application to crash or become unresponsive. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
RemediationAI
Monitor vendor advisories for a patch.
More in Dng Software Development Kit
View allAdobe DNG Software Development Kit (SDK) before 1.4 2016 allows attackers to execute arbitrary code or cause a denial of
Arbitrary code execution in DNG SDK 1.7.1 build 2410 and earlier via out-of-bounds write when processing malicious DNG f
Arbitrary code execution in DNG SDK 1.7.1 2410 and earlier stems from an integer overflow vulnerability that executes wi
Arbitrary code execution in DNG SDK 1.7.1 2471 and earlier via an out-of-bounds write vulnerability that executes with u
Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnerability. Rated high s
Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnerability. Rated high s
Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnerability. Rated high s
Out-of-bounds memory read in DNG SDK 1.7.1 (2410) and earlier enables attackers to extract sensitive information from pr
DNG SDK versions 1.7.1 and earlier contain an integer overflow vulnerability that allows local attackers to crash affect
Same weakness CWE-190 – Integer Overflow or Wraparound
View allSame technique Integer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today