This page lists publicly disclosed CVE vulnerabilities affecting adobe dng_software_development_kit (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-27258 | DNG SDK versions 1.7.1 2502 and earlier are affected by an out-of-bounds write vulnerability that could lead to application denial-of-service. An attacker could leverage this vulnerability to corrupt memory, causing the application to crash or become unresponsive. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | [email protected] | 5.5 | 0.02% | 2026-04-14 | 2026-04-15 |
| CVE-2026-27281 | DNG SDK versions 1.7.1 2471 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to cause the application to crash or become unresponsive. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | [email protected] | 5.5 | 0.02% | 2026-03-10 | 2026-03-12 |
| CVE-2026-27280 | DNG SDK versions 1.7.1 2471 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | [email protected] | 7.8 | 0.03% | 2026-03-10 | 2026-03-12 |
| CVE-2026-21355 | DNG SDK versions 1.7.1 2410 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | [email protected] | 5.5 | 0.02% | 2026-02-10 | 2026-02-13 |
| CVE-2026-21354 | DNG SDK versions 1.7.1 2410 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to cause the application to crash or become unresponsive. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | [email protected] | 5.5 | 0.02% | 2026-02-10 | 2026-02-13 |
| CVE-2026-21353 | DNG SDK versions 1.7.1 2410 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | [email protected] | 7.8 | 0.03% | 2026-02-10 | 2026-02-13 |
| CVE-2026-21352 | DNG SDK versions 1.7.1 2410 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | [email protected] | 7.8 | 0.03% | 2026-02-10 | 2026-02-13 |
| CVE-2025-64894 | DNG SDK versions 1.7.0 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could lead to application denial-of-service. An attacker could exploit this issue to cause the application to crash or become unresponsive. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | [email protected] | 5.5 | 0.02% | 2025-12-09 | 2025-12-10 |
| CVE-2025-64893 | DNG SDK versions 1.7.0 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure or application denial of service. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | [email protected] | 7.1 | 0.03% | 2025-12-09 | 2025-12-10 |
| CVE-2025-64784 | DNG SDK versions 1.7.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could lead to memory exposure or application denial of service. An attacker could leverage this vulnerability to disclose sensitive memory information. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | [email protected] | 7.1 | 0.02% | 2025-12-09 | 2025-12-10 |
| CVE-2025-64783 | DNG SDK versions 1.7.0 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | [email protected] | 7.8 | 0.03% | 2025-12-09 | 2025-12-10 |
| CVE-2020-9628 | Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | [email protected] | 7.5 | 3.84% | 2020-06-26 | 2024-11-21 |
| CVE-2020-9627 | Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | [email protected] | 7.5 | 3.84% | 2020-06-26 | 2024-11-21 |
| CVE-2020-9625 | Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | [email protected] | 7.5 | 3.84% | 2020-06-26 | 2024-11-21 |
| CVE-2016-4167 | Adobe DNG Software Development Kit (SDK) before 1.4 2016 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | [email protected] | 9.8 | 6.48% | 2016-06-16 | 2026-05-06 |