OS Command Injection Vulnerability in Adobe Animate
CVE-2026-48347
7.7HIGH
Key Information:
- Vendor
Adobe
- Vendor
- CVE Published:
- 14 July 2026
What is CVE-2026-48347?
Adobe Animate is susceptible to an OS Command Injection vulnerability, caused by improper neutralization of special elements used in OS commands. This flaw potentially allows an attacker to execute arbitrary code within the context of the current user. Exploiting this vulnerability necessitates user interaction, as the victim must open a specially crafted malicious file. Users of affected versions should take immediate action to safeguard their systems.
Affected Version(s)
Adobe Animate 2023 0 <= 23.0.15
Adobe Animate 2023 0 <= 23.0.15
Adobe Animate 2024 0 <= 24.0.13