PatchSiren cyber security CVE debrief
CVE-2026-47927 Adobe CVE debrief
CVE-2026-47927 is a MEDIUM-severity vulnerability (CVSS Score: 5.5) affecting DNG SDK versions 1.7.1 2536 and earlier. The vulnerability is caused by an out-of-bounds read issue, which could lead to disclosure of sensitive memory. An attacker would need to trick a victim into opening a malicious file to exploit this issue.
- Vendor
- Adobe
- Product
- DNG SDK
- CVSS
- MEDIUM 5.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-16
- Original CVE updated
- 2026-06-16
- Advisory published
- 2026-06-16
- Advisory updated
- 2026-06-16
Who should care
Users of DNG SDK versions 1.7.1 2536 and earlier should be aware of this vulnerability and take steps to mitigate it.
Technical summary
The vulnerability is caused by an out-of-bounds read issue in DNG SDK versions 1.7.1 2536 and earlier. This could lead to disclosure of sensitive memory. The Common Vulnerability Scoring System (CVSS) score for this vulnerability is 5.5, indicating a MEDIUM severity.
Defensive priority
MEDIUM
Recommended defensive actions
- Users should update to a version of DNG SDK that is not vulnerable.
- Until an update is available, users should be cautious when opening files from untrusted sources.
Evidence notes
The CVE was published on 2026-06-16T19:16:56.007Z and last modified on 2026-06-16T20:41:35.520Z. The vendor is currently listed as Unknown Vendor, but there is evidence suggesting the vendor may be Adobe [reference_domain_candidate].
Official resources
-
CVE-2026-47927 CVE record
CVE.org
-
CVE-2026-47927 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
CVE-2026-47927 was published on 2026-06-16T19:16:56.007Z and last modified on 2026-06-16T20:41:35.520Z.