Description
Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Input Validation vulnerability that could lead to arbitrary file system write. An attacker could leverage this vulnerability to manipulate or inject malicious data into files on the system. Exploitation of this issue requires user interaction in that a victim must open a malicious file and scope is changed.
CVSS Metrics
- Vector
- CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
- Attack Vector
- local
- Complexity
- low
- Privileges
- none
- User Action
- required
- Scope
- changed
- Confidentiality
- high
- Integrity
- high
- Availability
- high
- Weaknesses
- CWE-20
Metadata
- Primary Vendor
- ADOBE
- Published
- 1/13/2026
- Last Modified
- 1/14/2026
- Source
- NIST NVD
- Note: Verify all details with official vendor sources before applying patches.
Affected Products
adobe : dreamweaver
AI-Powered Remediation
Generate remediation guidance or a C-suite brief for this vulnerability.