CVE-2026-48340
HIGH
7.8
CVSS 3.1
Description
Bridge is affected by an Untrusted Pointer Dereference vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Metadata
Severity & Metrics
7.8
HIGH CVSS 3.1
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected products (2)
| Vendor | Product | Platform | Versions |
|---|---|---|---|
| Adobe | Adobe Bridge | — | 0 ≤ 16.0.3, 16.0.4 |
| Adobe | Adobe Bridge | — | 0 ≤ 15.1.5, 15.1.6 |
Weakness (CWE)
| CWE | Source | Description |
|---|---|---|
| CWE-822 | cna | Untrusted Pointer Dereference (CWE-822) |
CVSS scores (1)
| Score | Severity | Version | Source | Vector |
|---|---|---|---|---|
| 7.8 | HIGH | 3.1 | cna | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |