Back to overview

CVE-2026-48340

HIGH
7.8
CVSS 3.1
Description
Bridge is affected by an Untrusted Pointer Dereference vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Metadata

CVE ID
CVE-2026-48340
State
PUBLISHED
Assigner
adobe
Reserved
2026-05-21 15:28 UTC
Published
2026-07-14 20:35 UTC
Last updated
2026-07-14 20:35 UTC
Primary CWE
CWE-822
Untrusted Pointer Dereference (CWE-822)
Vendor / Product
Adobe / Adobe Bridge
Sources
cve.org  ·  NVD

Severity & Metrics

7.8 HIGH CVSS 3.1
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected products (2)
VendorProductPlatformVersions
Adobe Adobe Bridge 0 ≤ 16.0.3, 16.0.4
Adobe Adobe Bridge 0 ≤ 15.1.5, 15.1.6
Weakness (CWE)
CWESourceDescription
CWE-822 cna Untrusted Pointer Dereference (CWE-822)
CVSS scores (1)
ScoreSeverityVersionSourceVector
7.8 HIGH 3.1 cna CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Back to overview