← Back

CVE-2026-47907

nvd nist
Published: Jun 9, 2026Modified: Jun 11, 2026

JSON object

Loading...
6.3
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N
Exploitability: 1.8 / Impact: 4.0
Source: NVD

Description

Dreamweaver Desktop versions 21.7 and earlier are affected by an Improper Access Control vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to access sensitive files and directories outside the intended access scope. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Scope is changed.

Affected (1)

Products: Adobe: Dreamweaver
Adobe
1 product
Dreamweaver
Configuration A
1 vulnerable · 2 platform
Vulnerable SoftwareAffected Versions
Dreamweaver
Before 21.8
Running on/withPlatform Versions
Apple
Macos
All versions
Microsoft
Windows
All versions

Related CWEs

CWE-284
Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (1)

Source: psirt@adobe.com
Vendor Advisory

Timeline

No history available yet.