VDB
CISA-2026-21353
CISA-2026-21353
PUBLISHED
CVSS 7.8 HIGH
Reported by adobe · Published February 10, 2026
DNG SDK versions 1.7.1 2410 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Risk Scores
CVSS 3.1
7.8
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Adobe | DNG SDK | 0 |
| Adobe | DNG SDK | 0, 0 |
Timeline
- Feb 10, 2026 CVE Published
- Mar 10, 2026 CVE Updated