cvedb.io
CVE-2026-21267
HIGH · CVSS 8.6
EPSS exploitation probability: 0%
Published 2026-01-13T19:16:24.213 · Last modified 2026-06-17T10:18:23.680

Summary

Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead in arbitrary code execution by an attacker. Exploitation of this issue requires user interaction in that a victim must open a malicious file and scope is changed.

Affected products

adobe — dreamweaver

Does this affect you?

Add your gear to cvedb and we'll alert you only when adobe ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.