Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.5
Adobe DNG SDK Crash Vulnerability through Malicious File
CVE-2026-27281
Summary
Old versions of Adobe DNG SDK are vulnerable to a crash bug that can be triggered by opening a malicious file. This can cause an application to freeze or shut down. Update to the latest version to fix the issue.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| adobe | dng_software_development_kit | <= 1.7.1 | – |
Original title
DNG SDK versions 1.7.1 2471 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerabilit...
Original description
DNG SDK versions 1.7.1 2471 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to cause the application to crash or become unresponsive. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
nvd CVSS3.1
5.5
Vulnerability type
CWE-190
Integer Overflow
Published: 10 Mar 2026 · Updated: 13 Mar 2026 · First seen: 10 Mar 2026