PatchSiren cyber security CVE debrief
CVE-2026-47907 Adobe CVE debrief
CVE-2026-47907 is a HIGH-severity vulnerability in Adobe Dreamweaver Desktop versions 21.7 and earlier. The vulnerability is caused by an Improper Access Control issue, which could lead to arbitrary file system read. An attacker could exploit this vulnerability to access sensitive files and directories outside the intended access scope. Exploitation of this issue requires user interaction, as a victim must open a malicious file.
- Vendor
- Adobe
- Product
- Dreamweaver
- CVSS
- HIGH 8.2
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-09
- Original CVE updated
- 2026-06-11
- Advisory published
- 2026-06-09
- Advisory updated
- 2026-06-11
Who should care
Users of Adobe Dreamweaver Desktop versions 21.7 and earlier should apply the necessary updates to prevent exploitation of this vulnerability.
Technical summary
The vulnerability has a CVSS score of 8.2 and a CVSS severity of HIGH. The CVSS vector is CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N. The weakness is classified as CWE-284: Improper Access Control.
Defensive priority
HIGH
Recommended defensive actions
- Apply the necessary updates to Adobe Dreamweaver Desktop versions 21.7 and earlier.
- Refer to the vendor advisory at resourceLinkAnnotations.ref-4 for more information.
Evidence notes
The vulnerability was published on 2026-06-09T20:16:59.803Z and modified on 2026-06-11T19:21:51.290Z. The CVE record can be found at resourceLinkAnnotations.cve-org and the NVD detail can be found at resourceLinkAnnotations.nvd.
Official resources
-
CVE-2026-47907 CVE record
CVE.org
-
CVE-2026-47907 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
[email protected] - Vendor Advisory
CVE-2026-47907 was published on 2026-06-09T20:16:59.803Z and modified on 2026-06-11T19:21:51.290Z.