Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.4
Adobe Flash Player's ffa.c Code Has a Memory Corruption Risk
CVE-2026-0037
Summary
A flaw in Adobe Flash Player's ffa.c code can cause memory corruption, potentially allowing an attacker to gain more privileges on a computer without needing to interact with the user. This could lead to unauthorized access to sensitive data or system resources. Affected users should update Adobe Flash Player to the latest version to fix this issue.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| android | All versions | – |
Original title
In multiple functions of ffa.c, there is a possible memory corruption due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges need...
Original description
In multiple functions of ffa.c, there is a possible memory corruption due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
nvd CVSS3.1
8.4
Vulnerability type
CWE-787
Out-of-bounds Write
Published: 2 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026