Skip to main content

Premiere

4 CVEs product

Monthly

CVE-2026-48269 HIGH This Week

Arbitrary code execution in Adobe Premiere Pro is possible via a heap-based buffer overflow (CWE-122) triggered when a victim opens a maliciously crafted project or media file, running attacker code in the context of the current user. The flaw is local and requires user interaction, with no public exploit identified at time of analysis; Adobe self-reported it in advisory APSB26-76. CVSS 7.8 reflects high confidentiality, integrity, and availability impact but a local attack vector gated by the user opening a malicious file.

Heap Overflow Buffer Overflow RCE Premiere
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2026-48369 HIGH This Week

Arbitrary code execution in Adobe Premiere Pro via an out-of-bounds write (CWE-787) that lets an attacker run code in the context of the current user when a victim opens a maliciously crafted project or media file. The flaw is memory-corruption based and file-driven, requiring user interaction rather than network exposure; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. EPSS data was not provided, but the local, user-interaction-gated vector places this in the file-format/client-side attack category typical of Adobe desktop products.

Buffer Overflow Memory Corruption RCE Premiere
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-48270 HIGH This Week

Arbitrary code execution in Adobe Premiere Pro is possible when a victim opens a maliciously crafted project or media file, triggering an out-of-bounds write (CWE-787) that runs attacker code in the context of the current user. The flaw was reported by Adobe (advisory APSB26-76) and carries a CVSS 3.1 base score of 7.8 (local vector, requires user interaction). There is no public exploit identified at time of analysis and it is not listed in CISA KEV, so risk is currently driven by the ease of social-engineering a user into opening a booby-trapped file.

Buffer Overflow Memory Corruption RCE Premiere
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2026-48308 MEDIUM This Month

Premiere Pro is affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized write access. Exploit depends on conditions beyond the attacker's control. Exploitation of this issue does not require user interaction. Scope is changed.

Authentication Bypass Premiere
NVD
CVSS 3.1
5.9
EPSS
0.2%
EPSS 0% CVSS 7.8
HIGH This Week

Arbitrary code execution in Adobe Premiere Pro is possible via a heap-based buffer overflow (CWE-122) triggered when a victim opens a maliciously crafted project or media file, running attacker code in the context of the current user. The flaw is local and requires user interaction, with no public exploit identified at time of analysis; Adobe self-reported it in advisory APSB26-76. CVSS 7.8 reflects high confidentiality, integrity, and availability impact but a local attack vector gated by the user opening a malicious file.

Heap Overflow Buffer Overflow RCE +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Arbitrary code execution in Adobe Premiere Pro via an out-of-bounds write (CWE-787) that lets an attacker run code in the context of the current user when a victim opens a maliciously crafted project or media file. The flaw is memory-corruption based and file-driven, requiring user interaction rather than network exposure; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. EPSS data was not provided, but the local, user-interaction-gated vector places this in the file-format/client-side attack category typical of Adobe desktop products.

Buffer Overflow Memory Corruption RCE +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Arbitrary code execution in Adobe Premiere Pro is possible when a victim opens a maliciously crafted project or media file, triggering an out-of-bounds write (CWE-787) that runs attacker code in the context of the current user. The flaw was reported by Adobe (advisory APSB26-76) and carries a CVSS 3.1 base score of 7.8 (local vector, requires user interaction). There is no public exploit identified at time of analysis and it is not listed in CISA KEV, so risk is currently driven by the ease of social-engineering a user into opening a booby-trapped file.

Buffer Overflow Memory Corruption RCE +1
NVD
EPSS 0% CVSS 5.9
MEDIUM This Month

Premiere Pro is affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized write access. Exploit depends on conditions beyond the attacker's control. Exploitation of this issue does not require user interaction. Scope is changed.

Authentication Bypass Premiere
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy