Skip to main content

Adobe Media Encoder CVE-2026-47976

| EUVDEUVD-2026-44445 HIGH
Out-of-bounds Write (CWE-787)
2026-07-14 adobe GHSA-vmgv-gqvj-7p7g
7.8
CVSS 3.1 · Vendor: adobe
Share

Severity by source

Vendor (adobe) PRIMARY
7.8 HIGH
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
vuln.today AI
7.8 HIGH

Local file-open exploitation (AV:L, UI:R) needs no prior privileges (PR:N) and yields full user-context code execution, giving high C/I/A with unchanged scope.

3.1 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
4.0 AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (adobe).

CVSS VectorVendor: adobe

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

2
Analysis Generated
Jul 14, 2026 - 21:19 vuln.today
CVE Published
Jul 14, 2026 - 19:58 cve.org
HIGH 7.8

DescriptionCVE.org

Media Encoder is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

AnalysisAI

Arbitrary code execution in Adobe Media Encoder is possible when a victim opens a maliciously crafted media file, triggering an out-of-bounds write (CWE-787) that runs attacker code in the context of the current user. The flaw is local and requires user interaction, so it is not remotely wormable, but successful exploitation grants full compromise of the user's session. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Craft malicious media file
Delivery
Deliver via phishing or shared asset
Exploit
Victim opens file in Media Encoder
Execution
Trigger out-of-bounds write in parser
Persist
Corrupt memory and hijack control flow
Impact
Execute code as current user

Vulnerability AssessmentAI

Exploitation Exploitation requires the victim to open a malicious, attacker-crafted media/container file in Adobe Media Encoder on the local machine - that user interaction (CVSS UI:R) is the mandatory trigger, and there is no remote or unauthenticated network path. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 3.1 base score is 7.8 (High) with vector AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H - local attack vector, low complexity, no privileges, but required user interaction, with high confidentiality/integrity/availability impact and unchanged scope. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker crafts a malicious media or project file that triggers the out-of-bounds write and delivers it via email, a shared drive, or a compromised asset library used by a video/production team. When an editor opens or imports the file in Adobe Media Encoder, the corrupted memory operation hijacks execution and runs the attacker's payload with that user's privileges. …
Remediation Patch available per vendor advisory (APSB26-72): update Adobe Media Encoder to the fixed version listed by Adobe, distributed through the Creative Cloud desktop application, and consult https://helpx.adobe.com/security/products/media-encoder/apsb26-72.html for the exact patched build number (the input does not include a specific fixed version string, so use the version named in that advisory rather than an assumed number). … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours, identify all systems running Adobe Media Encoder and restrict user ability to open media files from untrusted sources; provide users with clear guidance to avoid opening suspicious media files and establish a reporting protocol for suspicious behavior. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-47976 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy