CVE-2026-47910
6.3 MEDIUMDreamweaver Desktop versions 21.7 and earlier are affected by an Incorrect Authorization vulnerability that could lead to arbitrary file ...
Published: 2026-06-09 · Last updated: 2026-06-09
Severity and scoring
- CVSS
- 6.3 MEDIUM
- Vector
- CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N
- CWE
- CWE-863
Description
Dreamweaver Desktop versions 21.7 and earlier are affected by an Incorrect Authorization vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to access sensitive files and directories outside the intended access scope. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Scope is changed.
Source: NVD
References
Related CVEs
Same CWE
- CVE-2026-24724 — An incorrect authorization vulnerability has been reported to affect File Station 6
- CVE-2026-48303 — Adobe Campaign Classic (ACC) versions 7.4.3 build 9394 and earlier are affected by an Incorrect Authorization vulnerability that could re... (10.0 CRITICAL)
- CVE-2026-47929 — ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary c... (8.4 HIGH)
- CVE-2026-41852 — A vulnerability in Spring Expression Language (SpEL) evaluation logic allows for arbitrary zero-argument method invocation, even within r... (3.7 LOW)
- CVE-2026-48507 — Snipe-IT is an IT asset/license management system (7.1 HIGH)