Adobe Dreamweaver
22 CVEs affecting Adobe Dreamweaver. Latest disclosed: 2026-06-09. Critical: 1, High: 14.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2018-4924 | Critical | 9.8 | 2018-05-19 | Adobe Dreamweaver CC versions 18.0 and earlier have an OS Command Injection vulnerability. Successful exploitation could lead to arbitrary code execution in th… |
CVE-2026-47907 | High | 8.6 | 2026-06-09 | Dreamweaver Desktop versions 21.7 and earlier are affected by an Improper Access Control vulnerability that could result in arbitrary code execution in the con… |
CVE-2026-47906 | High | 8.6 | 2026-06-09 | Dreamweaver Desktop versions 21.7 and earlier are affected by a Dependency on Vulnerable Third-Party Component vulnerability that could result in arbitrary cod… |
CVE-2026-21272 | High | 8.6 | 2026-01-13 | Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Input Validation vulnerability that could lead to arbitrary file system write. An att… |
CVE-2026-21271 | High | 8.6 | 2026-01-13 | Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the c… |
CVE-2026-21268 | High | 8.6 | 2026-01-13 | Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the c… |
CVE-2026-21267 | High | 8.6 | 2026-01-13 | Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vul… |
CVE-2025-54256 | High | 8.6 | 2025-09-09 | Dreamweaver Desktop versions 21.5 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could result in arbitrary code execution i… |
CVE-2026-47908 | High | 7.8 | 2026-06-09 | Dreamweaver Desktop versions 21.7 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in… |
CVE-2026-21274 | High | 7.8 | 2026-01-13 | Dreamweaver Desktop versions 21.6 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the con… |
CVE-2025-30310 | High | 7.8 | 2025-05-13 | Dreamweaver Desktop versions 21.4 and earlier are affected by an Access of Resource Using Incompatible Type ('Type Confusion') vulnerability that could result… |
CVE-2024-30314 | High | 7.8 | 2024-05-16 | Dreamweaver Desktop versions 21.3 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vul… |
CVE-2019-7956 | High | 7.8 | 2019-07-18 | Adobe Dreamweaver direct download installer versions 19.0 and below, 18.0 and below have an Insecure Library Loading (DLL hijacking) vulnerability. Successful… |
CVE-2020-24425 | High | 7.5 | 2020-10-21 | Dreamweaver version 20.2 (and earlier) is affected by an uncontrolled search path element vulnerability that could lead to privilege escalation. Successful exp… |
CVE-2019-7097 | High | 7.5 | 2019-05-23 | Adobe Dreamweaver versions 19.0 and earlier have an insecure protocol implementation vulnerability. Successful exploitation could lead to sensitive data disclo… |
CVE-2026-47910 | Medium | 6.3 | 2026-06-09 | Dreamweaver Desktop versions 21.7 and earlier are affected by an Incorrect Authorization vulnerability that could lead to arbitrary file system read. An attack… |
CVE-2026-47909 | Medium | 6.3 | 2026-06-09 | Dreamweaver Desktop versions 21.7 and earlier are affected by an Improper Input Validation vulnerability that could lead to arbitrary file system read. An atta… |
CVE-2021-21055 | Medium | 6.2 | 2021-02-11 | Adobe Dreamweaver versions 21.0 (and earlier) and 20.2 (and earlier) is affected by an untrusted search path vulnerability that could result in information dis… |
CVE-2010-3132 | | 2010-08-26 | Untrusted search path vulnerability in Adobe Dreamweaver CS5 11.0 build 4916, build 4909, and probably other versions, allows local users, and possibly remote… | |
CVE-2008-6062 | | 2009-02-05 | Cross-site scripting (XSS) vulnerability in ActionScript in arbitrary Shockwave Flash (SWF) files created by Adobe Dreamweaver, when the Insert Flash Video fea… |