Skip to main content

Adobe Bridge

6 CVEs product

Monthly

CVE-2026-48340 HIGH This Week

Arbitrary code execution in Adobe Bridge allows an attacker to run code in the context of the current user by tricking a victim into opening a maliciously crafted file that triggers an untrusted pointer dereference (CWE-822). The flaw is local and file-based, requiring user interaction; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. Exploitation yields full impact on confidentiality, integrity, and availability limited to the privileges of the user running Bridge.

RCE Adobe Bridge
NVD VulDB
CVSS 3.1
7.8
EPSS
0.2%
CVE-2026-48343 HIGH This Week

Arbitrary code execution in Adobe Bridge is possible through an out-of-bounds write (CWE-787) triggered when a victim opens a maliciously crafted file, running attacker code in the context of the current user. All versions covered by Adobe advisory APSB26-81 are affected, and while there is no public exploit identified at time of analysis, the local user-interaction attack pattern is consistent with weaponized document/asset lures. The CVSS 7.8 (High) rating reflects full confidentiality, integrity, and availability impact once a victim is socially engineered into opening the file.

Buffer Overflow Memory Corruption RCE Adobe Bridge
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-48339 HIGH This Week

Arbitrary code execution in Adobe Bridge is possible when a victim opens a maliciously crafted file that triggers a heap-based buffer overflow (CWE-122), letting an attacker run code in the context of the current user. The flaw was reported by Adobe and disclosed in advisory APSB26-81; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. Exploitation is file-borne and requires user interaction, so it is not remotely triggerable without a user opening attacker-supplied content.

Heap Overflow Buffer Overflow RCE Adobe Bridge
NVD VulDB
CVSS 3.1
7.8
EPSS
0.2%
CVE-2026-48311 HIGH This Week

Arbitrary code execution in Adobe Bridge results from an out-of-bounds write (CWE-787) that a victim triggers by opening a malicious file, running attacker-supplied code with the privileges of the current user. The flaw is local (AV:L) and requires user interaction, so it is a client-side, file-borne bug rather than a remotely reachable service vulnerability. No public exploit identified at time of analysis and it is not listed in CISA KEV; Adobe patched it in advisory APSB26-81.

Buffer Overflow Memory Corruption RCE Adobe Bridge
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-48342 HIGH This Week

Arbitrary code execution in Adobe Bridge arises from an integer overflow (CWE-190) triggered when a victim opens a maliciously crafted file, allowing an attacker to run code in the context of the current user. The flaw is local and requires user interaction, carrying a CVSS 7.8 (High) score. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.

RCE Integer Overflow Adobe Bridge
NVD VulDB
CVSS 3.1
7.8
EPSS
0.2%
CVE-2026-48341 HIGH This Week

Arbitrary code execution in Adobe Bridge is possible when a victim opens a maliciously crafted file, triggering an out-of-bounds write (CWE-787) that executes attacker-controlled code in the context of the current user. The flaw affects Adobe Bridge as reported by Adobe (advisory APSB26-81) and is rated CVSS 7.8; no public exploit identified at time of analysis and it is not listed in CISA KEV. Exploitation is local and hinges entirely on user interaction - the victim must open the malicious file.

Buffer Overflow Memory Corruption RCE Adobe Bridge
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
EPSS 0% CVSS 7.8
HIGH This Week

Arbitrary code execution in Adobe Bridge allows an attacker to run code in the context of the current user by tricking a victim into opening a maliciously crafted file that triggers an untrusted pointer dereference (CWE-822). The flaw is local and file-based, requiring user interaction; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. Exploitation yields full impact on confidentiality, integrity, and availability limited to the privileges of the user running Bridge.

RCE Adobe Bridge
NVD VulDB
EPSS 0% CVSS 7.8
HIGH This Week

Arbitrary code execution in Adobe Bridge is possible through an out-of-bounds write (CWE-787) triggered when a victim opens a maliciously crafted file, running attacker code in the context of the current user. All versions covered by Adobe advisory APSB26-81 are affected, and while there is no public exploit identified at time of analysis, the local user-interaction attack pattern is consistent with weaponized document/asset lures. The CVSS 7.8 (High) rating reflects full confidentiality, integrity, and availability impact once a victim is socially engineered into opening the file.

Buffer Overflow Memory Corruption RCE +1
NVD VulDB
EPSS 0% CVSS 7.8
HIGH This Week

Arbitrary code execution in Adobe Bridge is possible when a victim opens a maliciously crafted file that triggers a heap-based buffer overflow (CWE-122), letting an attacker run code in the context of the current user. The flaw was reported by Adobe and disclosed in advisory APSB26-81; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. Exploitation is file-borne and requires user interaction, so it is not remotely triggerable without a user opening attacker-supplied content.

Heap Overflow Buffer Overflow RCE +1
NVD VulDB
EPSS 0% CVSS 7.8
HIGH This Week

Arbitrary code execution in Adobe Bridge results from an out-of-bounds write (CWE-787) that a victim triggers by opening a malicious file, running attacker-supplied code with the privileges of the current user. The flaw is local (AV:L) and requires user interaction, so it is a client-side, file-borne bug rather than a remotely reachable service vulnerability. No public exploit identified at time of analysis and it is not listed in CISA KEV; Adobe patched it in advisory APSB26-81.

Buffer Overflow Memory Corruption RCE +1
NVD VulDB
EPSS 0% CVSS 7.8
HIGH This Week

Arbitrary code execution in Adobe Bridge arises from an integer overflow (CWE-190) triggered when a victim opens a maliciously crafted file, allowing an attacker to run code in the context of the current user. The flaw is local and requires user interaction, carrying a CVSS 7.8 (High) score. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.

RCE Integer Overflow Adobe Bridge
NVD VulDB
EPSS 0% CVSS 7.8
HIGH This Week

Arbitrary code execution in Adobe Bridge is possible when a victim opens a maliciously crafted file, triggering an out-of-bounds write (CWE-787) that executes attacker-controlled code in the context of the current user. The flaw affects Adobe Bridge as reported by Adobe (advisory APSB26-81) and is rated CVSS 7.8; no public exploit identified at time of analysis and it is not listed in CISA KEV. Exploitation is local and hinges entirely on user interaction - the victim must open the malicious file.

Buffer Overflow Memory Corruption RCE +1
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy