PT-2026-7431 · Adobe · Dng Sdk
Jann Horn
·
Published
2026-02-10
·
Updated
2026-02-10
·
CVE-2026-21355
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
DNG SDK versions 1.7.1 2410 and earlier
Description
DNG SDK versions 1.7.1 2410 and earlier contain an out-of-bounds read issue that may result in memory exposure. An attacker could potentially use this to disclose sensitive information stored in memory. Exploitation of this issue requires user interaction, specifically that a user opens a malicious file.
Recommendations
Versions prior to 1.7.1 2410 should be updated.
Fix
Out of bounds Read
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Dng Sdk