PatchSiren cyber security CVE debrief
CVE-2026-47934 Adobe CVE debrief
CVE-2026-47934 is a MEDIUM-severity vulnerability (CVSS Score: 5.5) affecting DNG SDK versions 1.7.1 2536 and earlier. The vulnerability is caused by an out-of-bounds read issue, which could lead to disclosure of sensitive memory. An attacker would need to trick a victim into opening a malicious file to exploit this issue.
- Vendor
- Adobe
- Product
- DNG SDK
- CVSS
- MEDIUM 5.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-16
- Original CVE updated
- 2026-06-16
- Advisory published
- 2026-06-16
- Advisory updated
- 2026-06-16
Who should care
Users of DNG SDK versions 1.7.1 2536 and earlier should apply patches or updates as soon as available.
Technical summary
The vulnerability is caused by an out-of-bounds read issue in DNG SDK. This could allow an attacker to disclose sensitive information. The issue requires user interaction, as a victim must open a malicious file.
Defensive priority
MEDIUM
Recommended defensive actions
- Apply patches or updates from the vendor as soon as available.
- Be cautious when opening files from unknown sources.
Evidence notes
The CVE record indicates that the vulnerability affects DNG SDK versions 1.7.1 2536 and earlier. The CVSS vector is CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N.
Official resources
-
CVE-2026-47934 CVE record
CVE.org
-
CVE-2026-47934 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
CVE-2026-47934 was published on 2026-06-16T19:16:56.130Z and modified on 2026-06-16T20:41:35.520Z.