Improper Input Validation Vulnerability in Adobe Experience Manager
CVE-2026-48289

3.5LOW

Key Information:

Vendor

Adobe

Vendor
CVE Published:
9 June 2026

What is CVE-2026-48289?

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04, and earlier are susceptible to an Improper Input Validation vulnerability. This security flaw allows a low-privileged attacker to bypass security features, potentially gaining unauthorized write access. Exploiting this vulnerability necessitates user interaction, as the victim must either visit a specially crafted URL or engage with a compromised webpage. This presents significant risks to data integrity and security for users of the affected versions.

Affected Version(s)

Adobe Experience Manager 0 <= 2026.04

References

CVSS V3.1

Score:
3.5
Severity:
LOW
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.