PatchSiren cyber security CVE debrief
CVE-2026-47963 Adobe CVE debrief
CVE-2026-47963 is a MEDIUM-severity vulnerability in DNG SDK versions 1.7.1 2536 and earlier. The vulnerability is caused by an out-of-bounds read issue, which could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to disclose sensitive information, but exploitation requires user interaction, as a victim must open a malicious file. The CVSS score for this vulnerability is 5.5.
- Vendor
- Adobe
- Product
- DNG SDK
- CVSS
- MEDIUM 5.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-16
- Original CVE updated
- 2026-06-16
- Advisory published
- 2026-06-16
- Advisory updated
- 2026-06-16
Who should care
Users of DNG SDK versions 1.7.1 2536 and earlier should be aware of this vulnerability and take steps to mitigate it.
Technical summary
The vulnerability is caused by an out-of-bounds read issue in DNG SDK versions 1.7.1 2536 and earlier. This could lead to disclosure of sensitive memory. The CWE for this vulnerability is CWE-125.
Defensive priority
MEDIUM
Recommended defensive actions
- Users should update to a version of DNG SDK that is not vulnerable.
- Users should exercise caution when opening files from unknown sources.
Evidence notes
The CVE record for CVE-2026-47963 was published on 2026-06-16T19:16:56.250Z and last modified on 2026-06-16T20:41:35.520Z. The NVD detail for this vulnerability can be found at [nvd](resourceLinkAnnotations.nvd). The CVE record can be found at [cve-org](resourceLinkAnnotations.cve-org). Adobe has published a security bulletin regarding this vulnerability at [ref-4](resourceLinkAnnotations.ref-4).
Official resources
-
CVE-2026-47963 CVE record
CVE.org
-
CVE-2026-47963 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
CVE-2026-47963 was published on 2026-06-16T19:16:56.250Z and last modified on 2026-06-16T20:41:35.520Z.