CVE-2026-26208

Name of the Vulnerable Software and Affected Versions ADB Explorer versions prior to Beta 0.9.26020

Description ADB Explorer, a fluent UI for ADB on Windows, contains a flaw due to Insecure Deserialization, potentially leading to Remote Code Execution. The application deserializes the App.txt settings file using Newtonsoft.Json with TypeNameHandling set to Objects. An attacker can provide a specially crafted JSON file containing a gadget chain, such as ObjectDataProvider, to execute arbitrary code when the application launches and saves its settings.

Recommendations Update to Beta 0.9.26020 or later.