Severity by source
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
File-based local attack (AV:L, UI:R) with no attacker privileges needed (PR:N); impact is memory disclosure only (C:H, I:N, A:N), unchanged scope.
Primary rating from Vendor (adobe).
CVSS VectorVendor: adobe
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Lifecycle Timeline
1DescriptionCVE.org
DNG SDK versions 1.7.1 2536 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
AnalysisAI
Out-of-bounds read in Adobe DNG SDK 1.7.1 build 2536 and earlier exposes sensitive process memory contents when a victim opens a specially crafted DNG image file. The attacker requires no privileges of their own - the attack surface is entirely dependent on social engineering a user into opening a malicious file processed by any application embedding the vulnerable SDK. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires that a victim user actively opens a specially crafted DNG file using an application built on Adobe DNG SDK version 1.7.1 build 2536 or earlier. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 3.1 base score of 5.5 (Medium) correctly reflects the constrained attack model: AV:L limits the vector to local file access, UI:R mandates victim interaction, and the impact triad of C:H/I:N/A:N confirms disclosure-only with no execution or denial-of-service capability. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker crafts a DNG image file with a malformed offset or length field in its structure, designed to cause the DNG SDK parser to read beyond the intended buffer boundary. The file is delivered to a target via phishing email, a malicious download link, or a compromised file-sharing service, and the victim opens it in a photo editing or DAM application built on the vulnerable SDK. … |
| Remediation | Adobe has published security advisory APSB26-67 at https://helpx.adobe.com/security/products/dng-sdk/apsb26-67.html, which should be consulted for the exact patched SDK version, as the available input data does not independently confirm the specific fixed build number beyond the vulnerable ceiling of version 1.7.1 build 2536. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
Heap-based buffer overflow in Adobe DNG SDK versions 1.7.1 (build 2536) and earlier enables arbitrary code execution in
Out-of-bounds read in Adobe DNG SDK 1.7.1 build 2536 and earlier exposes sensitive process memory when a victim opens a
Out-of-bounds memory read in Adobe DNG SDK 1.7.1 build 2536 and earlier enables sensitive process memory disclosure when
Null Pointer Dereference in Adobe DNG SDK versions 1.7.1 build 2536 and earlier allows an attacker to crash any applicat
Out-of-bounds write in Adobe DNG SDK 1.7.1 2502 and earlier causes application denial-of-service through memory corrupti
Same weakness CWE-125 – Out-of-bounds Read
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-37132
GHSA-q57c-73r4-6g5h