CVE Catalog

CVE-2026-47907

HighCVSS 8.6
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.17%

6th percentile - higher than 6% of all known CVEs

Summary

Dreamweaver Desktop versions 21.7 and earlier are affected by an Improper Access Control vulnerability that could result in arbitrary code execution in the context of the current user. An attacker could exploit this vulnerability by tricking a victim into opening a malicious file. The scope of the vulnerability has changed.

Risk Assessment

The risk involves potential takeover of the user's workstation and execution of arbitrary code, which could lead to data theft, malware installation, or further propagation of the attack within the organization's network.

Recommendation

It is recommended to immediately update Dreamweaver Desktop to the latest available version that addresses this vulnerability. Additionally, users should be instructed not to open suspicious files from untrusted sources.

Original NVD description (English source)

Dreamweaver Desktop versions 21.7 and earlier are affected by an Improper Access Control vulnerability that could result in arbitrary code execution in the context of the current user. An attacker could exploit this vulnerability to execute arbitrary code. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Scope is changed.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS