Premiere Pro | Improper Input Validation (CWE-20)
Summary
| CVE | CVE-2026-48308 |
|---|---|
| State | PUBLISHED |
| Assigner | adobe |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2026-07-14 21:16:58 UTC |
| Updated | 2026-07-15 16:17:47 UTC |
| Description | Premiere Pro is affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized write access. Exploit depends on conditions beyond the attacker's control. Exploitation of this issue does not require user interaction. Scope is changed. |
Risk And Classification
Primary CVSS: v3.1 5.9 MEDIUM from [email protected]
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N
EPSS: 0.001560000 probability, percentile 0.051830000 (date 2026-07-15)
Problem Types: CWE-20 | CWE-20 Improper Input Validation (CWE-20)
| Version | Source | Type | Score | Severity | Vector |
|---|---|---|---|---|---|
| 3.1 | [email protected] | Primary | 5.9 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N |
| 3.1 | CNA | CVSS | 5.9 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N |
CVSS v3.1 Breakdown
Attack Vector
LocalAttack Complexity
HighPrivileges Required
NoneUser Interaction
NoneScope
ChangedConfidentiality
NoneIntegrity
HighAvailability
NoneCVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| helpx.adobe.com/security/products/premiere_pro/apsb26-76.html | [email protected] | helpx.adobe.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.