Untrusted Search Path Vulnerability in Adobe Animate
CVE-2026-48346

7.9HIGH

Key Information:

Vendor

Adobe

Vendor
CVE Published:
14 July 2026

What is CVE-2026-48346?

Adobe Animate is vulnerable to an untrusted search path flaw that can allow for arbitrary code execution when a user opens a malicious file. The exploitation of this vulnerability requires the victim to interact with the malicious content, thus changing the security scope within which the application operates. Proper precautions should be taken to avoid opening unverified files to mitigate this risk.

Affected Version(s)

Adobe Animate 2023 0 <= 23.0.15

Adobe Animate 2023 0 <= 23.0.15

Adobe Animate 2024 0 <= 24.0.13

References

CVSS V3.1

Score:
7.9
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.