Severity by source
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
File must be opened locally by the user so AV:L and UI:R; no prior privileges needed (PR:N), and memory-corruption RCE yields full C/I/A impact within the user's context (S:U).
Primary rating from Vendor (adobe).
CVSS VectorVendor: adobe
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionCVE.org
Bridge is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
AnalysisAI
Arbitrary code execution in Adobe Bridge results from an out-of-bounds write (CWE-787) that a victim triggers by opening a malicious file, running attacker-supplied code with the privileges of the current user. The flaw is local (AV:L) and requires user interaction, so it is a client-side, file-borne bug rather than a remotely reachable service vulnerability. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires the victim to open a malicious, attacker-crafted file in Adobe Bridge (UI:R in the CVSS vector) - the code executes only in the context of that current user, with no privilege escalation across a scope boundary (S:U). … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 3.1 base score is 7.8 (High) with vector AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H - local attack vector, low complexity, no privileges, but user interaction required, with full confidentiality, integrity, and availability impact and no scope change. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker crafts a malicious asset file (for example an image or media file) that triggers the out-of-bounds write when parsed by Adobe Bridge, and delivers it via email, a shared drive, or a downloaded asset pack. A designer opens or previews the file in Bridge, the corrupted memory write hijacks execution, and attacker code runs with that user's privileges. … |
| Remediation | Patch available per vendor advisory: update Adobe Bridge to the fixed release documented in Adobe Security Bulletin APSB26-81 (https://helpx.adobe.com/security/products/bridge/apsb26-81.html); apply the update through the Creative Cloud desktop app or Adobe's update channel and confirm the exact patched build number from that advisory, as the input data does not include an explicit fix version. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: inventory all Adobe Bridge installations and confirm patch deployment readiness; within 7 days: apply security update per advisory APSB26-81 to all affected Bridge instances, prioritizing systems that handle external files; within 30 days: conduct user awareness training on file-based malware risks and validate patch compliance across the environment.
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
More in Adobe Bridge
View allArbitrary code execution in Adobe Bridge allows an attacker to run code in the context of the current user by tricking a
Arbitrary code execution in Adobe Bridge is possible through an out-of-bounds write (CWE-787) triggered when a victim op
Arbitrary code execution in Adobe Bridge is possible when a victim opens a maliciously crafted file that triggers a heap
Arbitrary code execution in Adobe Bridge arises from an integer overflow (CWE-190) triggered when a victim opens a malic
Arbitrary code execution in Adobe Bridge is possible when a victim opens a maliciously crafted file, triggering an out-o
Same weakness CWE-787 – Out-of-bounds Write
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-44497
GHSA-35r6-wcp2-v9mw