CVE-2026-27615

Name of the Vulnerable Software and Affected Versions ADB Explorer versions prior to Beta 0.9.26022

Description ADB Explorer, a fluent UI for ADB on Windows, allows manipulation of the ManualAdbPath settings variable. This variable defines the path to the ADB binary. Setting this variable to a Universal Naming Convention (UNC) path allows an attacker to point the binary to a remote network resource under their control. Successful exploitation grants the attacker full control over the executed binary, potentially enabling remote code execution on the victim's machine with the privileges of the user running the application. This is achievable by tricking a victim into running a shortcut of the application that references a custom App.txt settings file, which sets the ManualAdbPath.

Recommendations Update to version Beta 0.9.26022 or later.