Incorrect Authorization Vulnerability in Adobe Animate Product
CVE-2026-48349

8.1HIGH

Key Information:

Vendor

Adobe

Vendor
CVE Published:
14 July 2026

What is CVE-2026-48349?

Adobe Animate is susceptible to an Incorrect Authorization vulnerability that can enable an attacker to perform arbitrary code execution in the context of the current user. This exploit can occur under specific conditions that do not rely on any user interaction, making it particularly concerning for users of the software. The vulnerability allows for unauthorized access, significantly compromising the integrity and security of the affected systems.

Affected Version(s)

Adobe Animate 2023 0 <= 23.0.15

Adobe Animate 2023 0 <= 23.0.15

Adobe Animate 2024 0 <= 24.0.13

References

CVSS V3.1

Score:
8.1
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.