VDB

CVE-2025-54256

CVE-2025-54256 PUBLISHED CVSS 8.600000381469727 HIGH

Dreamweaver Desktop versions 21.5 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must click on a malicious link, and scope is changed.

EPSS 0.02% · 5.7th percentile

Risk Scores

CVSS 3.1
8.600000381469727
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
EPSS Score
0.02%
5.7th percentile

Affected Products

VendorProductVersions
adobedreamweaver0
AdobeDreamweaver Desktop0

Timeline

  • Sep 9, 2025 Coalition ESS Score
  • Sep 9, 2025 CVE Published
  • Sep 9, 2025 PoC Published
  • Sep 10, 2025 EPSS Score
  • Sep 11, 2025 Coalition ESS Score
  • Sep 17, 2025 EPSS Score
  • Sep 25, 2025 EPSS Score
  • Oct 2, 2025 EPSS Score
  • Oct 4, 2025 Coalition ESS Score
  • Oct 6, 2025 Coalition ESS Score
  • Oct 9, 2025 EPSS Score
  • Oct 17, 2025 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›