CVE-2026-27258

EUVD-2026-22434 MEDIUM

2026-04-14 adobe

GHSA-85g7-96qr-w5x4

Buffer Overflow Memory Corruption

5.5

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Lifecycle Timeline

Analysis Generated

Apr 14, 2026 - 19:43 vuln.today

DescriptionNVD

DNG SDK versions 1.7.1 2502 and earlier are affected by an out-of-bounds write vulnerability that could lead to application denial-of-service. An attacker could leverage this vulnerability to corrupt memory, causing the application to crash or become unresponsive. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

AnalysisAI

Out-of-bounds write in Adobe DNG SDK 1.7.1 2502 and earlier causes application denial-of-service through memory corruption when processing malicious DNG files. The vulnerability requires user interaction (opening a crafted file) and affects local attackers on systems where DNG SDK is deployed; no public exploit code or active exploitation has been confirmed at time of analysis.

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-27258 vulnerability details – vuln.today

Back

CVE-2026-27258

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Full analysis requires sign-in

Share

External POC / Exploit Code