What is CVE-2023-26358?

CVE-2023-26358 is a high-severity vulnerability in Adobe Creative Cloud (Desktop Component), classified under Untrusted Search Path. CVSS score: 8.6/10. Published 2023-03-22.

How severe is CVE-2023-26358?

High severity. CVSS v3 base score is 8.6 out of 10.

Vulnerability in Adobe Creative Cloud (Desktop Component)

CVE-2023-26358

Creative Cloud version 5.9.1 (and earlier) is affected by an Untrusted Search Path vulnerability that might allow attackers to execute their own programs, access unauthorized data files, or modify configuration in unexpected ways. If the a…

EPSS: 0.003 (55.2th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.6 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H.

Affected products

Adobe Creative Cloud (Desktop Component) — versions unspecified

Weakness classification (CWE)

CWE-426 — Untrusted Search Path

References

helpx.adobe.com/security/products/creative-cloud/apsb23-21.html

Frequently asked questions

What is CVE-2023-26358?: CVE-2023-26358 is a high-severity vulnerability in Adobe Creative Cloud (Desktop Component), classified under Untrusted Search Path. CVSS score: 8.6/10. Published 2023-03-22.
How severe is CVE-2023-26358?: High severity. CVSS v3 base score is 8.6 out of 10.