Skip to main content

Adobe Media Encoder

5 CVEs product

Monthly

CVE-2026-47971 HIGH This Week

Arbitrary code execution in Adobe Media Encoder arises from a stack-based buffer overflow (CWE-121) triggered when a victim opens a maliciously crafted media file, allowing an attacker to run code in the context of the current user. The CVSS 3.1 base score is 7.8 (local vector, user interaction required, no privileges needed). There is no public exploit identified at time of analysis and it is not listed in CISA KEV, so risk is file-delivery-driven rather than remotely wormable.

Buffer Overflow Stack Overflow RCE Adobe Media Encoder
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2026-48366 HIGH This Week

Arbitrary code execution in Adobe Media Encoder is possible through an out-of-bounds write triggered when a victim opens a maliciously crafted media file, running attacker code in the context of the current user. The flaw was reported by Adobe and is addressed in advisory APSB26-72; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. Exploitation hinges on user interaction (opening the file) and yields high impact to confidentiality, integrity, and availability.

Buffer Overflow Memory Corruption RCE Adobe Media Encoder
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-47976 HIGH This Week

Arbitrary code execution in Adobe Media Encoder is possible when a victim opens a maliciously crafted media file, triggering an out-of-bounds write (CWE-787) that runs attacker code in the context of the current user. The flaw is local and requires user interaction, so it is not remotely wormable, but successful exploitation grants full compromise of the user's session. There is no public exploit identified at time of analysis and it is not listed in CISA KEV; Adobe published advisory APSB26-72 addressing the issue.

Buffer Overflow Memory Corruption RCE Adobe Media Encoder
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2026-47979 MEDIUM This Month

Media Encoder is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Buffer Overflow Information Disclosure Adobe Media Encoder
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2026-48370 HIGH This Week

Arbitrary code execution in Adobe Media Encoder arises from an out-of-bounds write (CWE-787) that lets a crafted media file corrupt memory and run attacker-controlled code in the context of the current user. Any user who opens a malicious file in the affected desktop application is at risk, with full loss of confidentiality, integrity, and availability on the host. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

Buffer Overflow Memory Corruption RCE Adobe Media Encoder
NVD
CVSS 3.1
7.8
EPSS
0.1%
EPSS 0% CVSS 7.8
HIGH This Week

Arbitrary code execution in Adobe Media Encoder arises from a stack-based buffer overflow (CWE-121) triggered when a victim opens a maliciously crafted media file, allowing an attacker to run code in the context of the current user. The CVSS 3.1 base score is 7.8 (local vector, user interaction required, no privileges needed). There is no public exploit identified at time of analysis and it is not listed in CISA KEV, so risk is file-delivery-driven rather than remotely wormable.

Buffer Overflow Stack Overflow RCE +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Arbitrary code execution in Adobe Media Encoder is possible through an out-of-bounds write triggered when a victim opens a maliciously crafted media file, running attacker code in the context of the current user. The flaw was reported by Adobe and is addressed in advisory APSB26-72; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. Exploitation hinges on user interaction (opening the file) and yields high impact to confidentiality, integrity, and availability.

Buffer Overflow Memory Corruption RCE +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Arbitrary code execution in Adobe Media Encoder is possible when a victim opens a maliciously crafted media file, triggering an out-of-bounds write (CWE-787) that runs attacker code in the context of the current user. The flaw is local and requires user interaction, so it is not remotely wormable, but successful exploitation grants full compromise of the user's session. There is no public exploit identified at time of analysis and it is not listed in CISA KEV; Adobe published advisory APSB26-72 addressing the issue.

Buffer Overflow Memory Corruption RCE +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Media Encoder is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Buffer Overflow Information Disclosure Adobe Media Encoder
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Arbitrary code execution in Adobe Media Encoder arises from an out-of-bounds write (CWE-787) that lets a crafted media file corrupt memory and run attacker-controlled code in the context of the current user. Any user who opens a malicious file in the affected desktop application is at risk, with full loss of confidentiality, integrity, and availability on the host. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

Buffer Overflow Memory Corruption RCE +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy