What is CVE-2026-26208?

CVE-2026-26208 is a high-severity vulnerability in Alex4ssb Adb-explorer, classified under Deserialization of Untrusted Data. CVSS score: 7.8/10. Published 2026-02-13.

How severe is CVE-2026-26208?

High severity. CVSS v3 base score is 7.8 out of 10.

Deserialization in Alex4ssb Adb-explorer

CVE-2026-26208

ADB Explorer is a fluent UI for ADB on Windows. Prior to Beta 0.9.26020, ADB Explorer is vulnerable to Insecure Deserialization leading to Remote Code Execution. The application attempts to deserialize the App.txt settings file using Newto…

Vulnerability class: Insecure Deserialization

EPSS: 0.010 (77.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.8 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H.

Affected products

Alex4ssb Adb-explorer — versions < Beta 0.9.26020

Weakness classification (CWE)

CWE-502 — Deserialization of Untrusted Data

References

https://github.com/Alex4SSB/ADB-Explorer/security/advisories/GHSA-49qx-wpxj-p4mh (x_refsource_CONFIRM)
https://github.com/Alex4SSB/ADB-Explorer/issues/294 (x_refsource_MISC)
https://github.com/Alex4SSB/ADB-Explorer/commit/776f132cede86e1405520f2a28c78276dda5ab5a (x_refsource_MISC)
https://github.com/Alex4SSB/ADB-Explorer/releases/tag/v0.9.26020 (x_refsource_MISC)

Frequently asked questions

What is CVE-2026-26208?: CVE-2026-26208 is a high-severity vulnerability in Alex4ssb Adb-explorer, classified under Deserialization of Untrusted Data. CVSS score: 7.8/10. Published 2026-02-13.
How severe is CVE-2026-26208?: High severity. CVSS v3 base score is 7.8 out of 10.