Race Condition Vulnerability in Creative Cloud Desktop by Adobe
CVE-2026-48344

7.8HIGH

Key Information:

Vendor

Adobe

Vendor
CVE Published:
14 July 2026

What is CVE-2026-48344?

Adobe's Creative Cloud Desktop has a vulnerability characterized as a Time-of-check Time-of-use (TOCTOU) race condition. This issue could lead to arbitrary code execution within the context of the current user. Exploitation is possible without user interaction, making the issue particularly concerning. The vulnerability depends on specific conditions that an attacker cannot control, indicating a nuanced exploitation scenario.

Affected Version(s)

Creative Cloud Desktop 0 <= 6.9.1.1

Creative Cloud Desktop 0 <= 6.9.1.1

Creative Cloud Desktop 6.10.0.252.3

References

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.