Severity by source
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Local file-open bug (AV:L, UI:R) needing no prior auth (PR:N); reliable memory corruption (AC:L) yields code execution as the user with full C/I/A impact.
Primary rating from Vendor (adobe).
CVSS VectorVendor: adobe
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionCVE.org
Bridge is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
AnalysisAI
Arbitrary code execution in Adobe Bridge is possible through an out-of-bounds write (CWE-787) triggered when a victim opens a maliciously crafted file, running attacker code in the context of the current user. All versions covered by Adobe advisory APSB26-81 are affected, and while there is no public exploit identified at time of analysis, the local user-interaction attack pattern is consistent with weaponized document/asset lures. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires the victim to open an attacker-crafted malicious file in Adobe Bridge - this user interaction (UI:R) is the mandatory precondition explicitly stated in the description. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 3.1 vector CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H yields a 7.8 High severity driven by high impact across all three security properties, but the local attack vector (AV:L) and required user interaction (UI:R) are the key limiting factors: an attacker cannot exploit this remotely or automatically, and instead depends on a victim opening a malicious file. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker crafts a malicious Bridge-supported asset or metadata file that triggers the out-of-bounds write and emails or shares it with a target creative professional under a plausible pretext (e.g., a project asset pack). When the victim opens the file in Adobe Bridge, the memory corruption is triggered and attacker-controlled code executes with the victim's privileges. … |
| Remediation | Update Adobe Bridge to the fixed version published in Adobe Security Bulletin APSB26-81 (https://helpx.adobe.com/security/products/bridge/apsb26-81.html) - the exact patched build is enumerated there and should be applied as the primary remediation, ideally via Adobe Creative Cloud desktop auto-update or managed deployment. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours, inventory all Adobe Bridge installations covering APSB26-81 versions and notify affected users to refuse suspicious files; establish a reporting channel for security incidents. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
More in Adobe Bridge
View allArbitrary code execution in Adobe Bridge is possible when a victim opens a maliciously crafted file that triggers a heap
Arbitrary code execution in Adobe Bridge allows an attacker to run code in the context of the current user by tricking a
Arbitrary code execution in Adobe Bridge arises from an integer overflow (CWE-190) triggered when a victim opens a malic
Arbitrary code execution in Adobe Bridge is possible when a victim opens a maliciously crafted file, triggering an out-o
Arbitrary code execution in Adobe Bridge results from an out-of-bounds write (CWE-787) that a victim triggers by opening
Same weakness CWE-787 – Out-of-bounds Write
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-44499
GHSA-p2mm-qw8g-q2p9