Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.1
Unrestricted Access to Sensitive Data in Multiple Locations of Software
CVE-2025-64893
ASB-A-483075215
Summary
A security issue in this software allows unauthorized access to sensitive data without needing special permissions. This could potentially allow an attacker to gain more control over the affected system. Update the software to the latest version to fix this issue.
What to do
- Update google platform/external/dng_sdk to version 16-qpr2-next:2026-03-01.
- Update google platform/external/dng_sdk to version 15:2026-03-01.
- Update google platform/external/dng_sdk to version 16:2026-03-01.
- Update google platform/external/dng_sdk to version 16-qpr2:2026-03-01.
- Update google platform/external/dng_sdk to version 14:2026-03-01.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| adobe | dng_software_development_kit | <= 1.7.0 | – |
| platform/external/dng_sdk | > 16-qpr2-next:0 , <= 16-qpr2-next:2026-03-01 | 16-qpr2-next:2026-03-01 | |
| platform/external/dng_sdk | > 15:0 , <= 15:2026-03-01 | 15:2026-03-01 | |
| platform/external/dng_sdk | > 16:0 , <= 16:2026-03-01 | 16:2026-03-01 | |
| platform/external/dng_sdk | > 16-qpr2:0 , <= 16-qpr2:2026-03-01 | 16-qpr2:2026-03-01 | |
| platform/external/dng_sdk | > 14:0 , <= 14:2026-03-01 | 14:2026-03-01 |
Original title
In multiple locations, there is a possible way to access unexpected data due to multiple causes. This could lead to local escalation of privilege with no additional execution privileges needed. Use...
Original description
In multiple locations, there is a possible way to access unexpected data due to multiple causes. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
nvd CVSS3.1
7.1
Vulnerability type
CWE-125
Out-of-bounds Read
Published: 1 Mar 2026 · Updated: 13 Mar 2026 · First seen: 7 Mar 2026