← Back

CVE-2026-47909

nvd nist
Published: Jun 9, 2026Modified: Jun 11, 2026

JSON object

Loading...
6.3
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N
Exploitability: 1.8 / Impact: 4.0
Source: psirt@adobe.com

Description

Dreamweaver Desktop versions 21.7 and earlier are affected by an Improper Input Validation vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to access sensitive files and directories outside the intended access scope. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Scope is changed.

Affected (1)

Products: Adobe: Dreamweaver
Adobe
1 product
Dreamweaver
Configuration A
1 vulnerable · 2 platform
Vulnerable SoftwareAffected Versions
Dreamweaver
Before 21.8
Running on/withPlatform Versions
Apple
Macos
All versions
Microsoft
Windows
All versions

Related CWEs

CWE-20
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (1)

Source: psirt@adobe.com
Vendor Advisory

Timeline

No history available yet.