NULL Pointer Dereference in DNG SDK by Adobe
CVE-2026-48267

5.5MEDIUM

Key Information:

Vendor

Adobe

Status
Vendor
CVE Published:
6 July 2026

What is CVE-2026-48267?

The DNG SDK versions 1.7.1 2536 and earlier are susceptible to a NULL Pointer Dereference vulnerability, which could potentially lead to a denial-of-service situation. This issue could be exploited by an attacker if a user interacts with a compromised file, resulting in the application crashing and becoming inaccessible. It's important for users of the DNG SDK to be aware of this vulnerability and to take preventative measures.

Affected Version(s)

DNG SDK 0 <= 1.7.1 2536

References

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.