Severity by source
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Local file-parsing flaw requiring the victim to open a malicious DNG (AV:L, UI:R), no prior auth needed (PR:N), and code executes with full user-context CIA impact.
Primary rating from Vendor (adobe).
CVSS VectorVendor: adobe
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionCVE.org
DNG SDK versions 1.7.1 2536 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
AnalysisAI
Heap-based buffer overflow in Adobe DNG SDK versions 1.7.1 (build 2536) and earlier enables arbitrary code execution in the context of the current user when a victim opens a maliciously crafted DNG file. The flaw affects any application or workflow that links the DNG SDK for parsing Digital Negative raw image files, and no public exploit identified at time of analysis. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Requires the victim to open a maliciously crafted DNG (Digital Negative) raw-image file in an application that links Adobe DNG SDK 1.7.1 build 2536 or earlier - this includes Adobe DNG Converter, Camera Raw, Lightroom/Lightroom Classic, and any third-party RAW imaging tool bundling the SDK. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 3.1 vector AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H reflects a classic client-side file-parsing flaw: local attack vector (the file must reach the victim's machine), low complexity, no privileges, but mandatory user interaction (opening the file) - giving full CIA impact in the user's security context. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker crafts a malformed DNG file with manipulated IFD/strip metadata that triggers the heap overflow during parsing, then delivers it to a target photographer or imaging-workflow user via phishing email, a shared cloud album, or a poisoned stock-image download. When the victim opens the file in Adobe Camera Raw, Lightroom, DNG Converter, or any third-party application linked against the vulnerable SDK, the overflow corrupts heap metadata and yields arbitrary code execution as the logged-in user, enabling credential theft, ransomware staging, or lateral movement. … |
| Remediation | Patch available per vendor advisory: upgrade the Adobe DNG SDK to the version published in APSB26-67 (https://helpx.adobe.com/security/products/dng-sdk/apsb26-67.html) and rebuild any downstream applications that embed the SDK; the exact fixed SDK build number is not enumerated in the provided intelligence and should be confirmed from that advisory. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Identify all applications linked to Adobe DNG SDK versions 1.7.1 (build 2536) and earlier; restrict access to DNG files from external and untrusted sources. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
Out-of-bounds read in Adobe DNG SDK 1.7.1 build 2536 and earlier exposes sensitive process memory when a victim opens a
Out-of-bounds memory read in Adobe DNG SDK 1.7.1 build 2536 and earlier enables sensitive process memory disclosure when
Out-of-bounds read in Adobe DNG SDK 1.7.1 build 2536 and earlier exposes sensitive process memory contents when a victim
Null Pointer Dereference in Adobe DNG SDK versions 1.7.1 build 2536 and earlier allows an attacker to crash any applicat
Out-of-bounds write in Adobe DNG SDK 1.7.1 2502 and earlier causes application denial-of-service through memory corrupti
Same weakness CWE-122 – Heap-based Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-37133
GHSA-gjjx-fhhm-r5cv