What is the CVSS score of CVE-2026-27615?

CVE-2026-27615 has a CVSS 3.1 base score of 7.8 (High). CVSS vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.0%.

Which versions of Windows are affected by CVE-2026-27615?

CVE-2026-27615 affects Adb Explorer and allows attackers to redirect the application to malicious remote resources, potentially leading to unauthorized access or data exfiltration.

Is there a public PoC exploit available for CVE-2026-27615?

Yes, a public proof-of-concept exploit is available for CVE-2026-27615. Prioritise patching immediately. EPSS: 0.0%.

Windows CVE-2026-27615

HIGH

Path Traversal: '\\UNC\share\name\' (Windows UNC Share) (CWE-40)

2026-02-25 security-advisories@github.com

Windows Adb Explorer

7.8

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:55 vuln.today

PoC Detected

Feb 27, 2026 - 19:04 vuln.today

Public exploit code

CVE Published

Feb 25, 2026 - 03:16 nvd

HIGH 7.8

DescriptionNVD

ADB Explorer is a fluent UI for ADB on Windows. In versions prior to Beta 0.9.26022, ADB-Explorer allows the ManualAdbPath settings variable, which determines the path of the ADB binary to be executed, to be set to a Universal Naming Convention (UNC) path in the application's settings file. This allows an attacker to set the binary's path to point to a remote network resource, hosted on an attacker-controlled network share, thus granting the attacker full control over the binary being executed by the app. An attacker may leverage this vulnerability to execute code remotely on a victim's machine with the privileges of the user running the app. Exploitation is made possible by convincing a victim to run a shortcut of the app that points to a custom App.txt settings file, which sets ManualAdbPath (for example, when downloaded in an archive file). Version Beta 0.9.26022 fixes the issue.

AnalysisAI

Adb Explorer contains a vulnerability that allows attackers to set the binary's path to point to a remote network resource, hosted on an attack (CVSS 7.8).

RemediationAI

Within 24 hours: Inventory all systems running Adb Explorer and isolate or restrict network access for affected instances. Within 7 days: Implement network segmentation to block outbound connections from systems running Adb Explorer to untrusted destinations; disable Adb Explorer if not critical to operations. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-27615 vulnerability details – vuln.today

Back

Windows CVE-2026-27615

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code