Severity by source
AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Lifecycle Timeline
4DescriptionCVE.org
Bridge versions 16.0.2, 15.1.4 and earlier are affected by a Divide By Zero vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application or render it unresponsive. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
AnalysisAI
Divide by zero vulnerability in Adobe Bridge versions 15.1.4 and earlier allows local denial of service when a victim opens a malicious file, crashing or freezing the application. The vulnerability requires user interaction and local file access but carries a moderate CVSS score of 5.5 due to high availability impact; no public exploit code or active exploitation has been confirmed.
Technical ContextAI
This vulnerability exploits a divide-by-zero condition classified under CWE-369 (Divide By Zero), a common arithmetic exception that occurs when code attempts to divide a numeric value by zero without validation. Adobe Bridge is a digital asset management tool that processes various file formats; the vulnerability likely exists in a file parsing or image processing routine that fails to validate divisor values before performing division operations. Local attack vector and user interaction requirement indicate the flaw is triggered during file import, thumbnail generation, or metadata processing when Bridge encounters maliciously crafted file content designed to cause an unhandled arithmetic exception.
RemediationAI
Update Adobe Bridge to the patched version specified in Adobe security advisory APSB26-39 (https://helpx.adobe.com/security/products/bridge/apsb26-39.html). No interim workaround fully mitigates the risk; however, users can reduce exposure by disabling automatic file preview/thumbnail generation and restricting file imports to trusted sources until patching is completed. Disable opening untrusted or suspicious file formats in Bridge settings if available.
Heap-based buffer overflow in Adobe Photoshop CC before 16.0 (aka 2015.0.0) and Adobe Bridge CC before 6.11 allows attac
Integer overflow in Adobe Photoshop CC before 16.0 (aka 2015.0.0) and Adobe Bridge CC before 6.11 allows attackers to ex
Adobe Photoshop CC before 16.0 (aka 2015.0.0) and Adobe Bridge CC before 6.11 allow attackers to execute arbitrary code
DOM based Cross-site scripting (XSS) vulnerability in the Bridge theme before 11.2 for WordPress allows remote attackers
Bridge versions 15.0.3, 14.1.6 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could re
Bridge versions 15.0.3, 14.1.6 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that
Bridge versions 15.0.3, 14.1.6 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could r
Bridge versions 14.1.5, 15.0.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result
Arbitrary code execution in Bridge 15.1.3, 16.0.1 and earlier through an out-of-bounds write vulnerability triggered whe
Heap buffer overflow in Bridge versions 15.1.2 and 16.0 and earlier enables arbitrary code execution when users open spe
Arbitrary code execution in Bridge versions 15.1.3, 16.0.1 and earlier results from an integer overflow vulnerability th
Heap-based buffer overflow in Adobe Bridge 16.0.2, 15.1.4, and earlier versions enables arbitrary code execution with vi
Same weakness CWE-369 – Divide By Zero
View allSame technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-22685