{"api_version":"1","generated_at":"2026-07-16T11:23:22+00:00","cve":"CVE-2026-48308","urls":{"html":"https://cve.report/CVE-2026-48308","api":"https://cve.report/api/cve/CVE-2026-48308.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2026-48308","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2026-48308"},"summary":{"title":"Premiere Pro | Improper Input Validation (CWE-20)","description":"Premiere Pro is affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized write access. Exploit depends on conditions beyond the attacker's control. Exploitation of this issue does not require user interaction. Scope is changed.","state":"PUBLISHED","assigner":"adobe","published_at":"2026-07-14 21:16:58","updated_at":"2026-07-15 16:17:47"},"problem_types":["CWE-20","CWE-20 Improper Input Validation (CWE-20)"],"metrics":[{"version":"3.1","source":"psirt@adobe.com","type":"Primary","score":"5.9","severity":"MEDIUM","vector":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"}},{"version":"3.1","source":"CNA","type":"CVSS","score":"5.9","severity":"MEDIUM","vector":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N","data":{"attackComplexity":"HIGH","attackVector":"LOCAL","availabilityImpact":"NONE","availabilityRequirement":"NOT_DEFINED","baseScore":5.9,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","confidentialityRequirement":"NOT_DEFINED","environmentalScore":5.9,"environmentalSeverity":"MEDIUM","exploitCodeMaturity":"NOT_DEFINED","integrityImpact":"HIGH","integrityRequirement":"NOT_DEFINED","modifiedAttackComplexity":"HIGH","modifiedAttackVector":"LOCAL","modifiedAvailabilityImpact":"NONE","modifiedConfidentialityImpact":"NONE","modifiedIntegrityImpact":"HIGH","modifiedPrivilegesRequired":"NONE","modifiedScope":"CHANGED","modifiedUserInteraction":"NONE","privilegesRequired":"NONE","remediationLevel":"NOT_DEFINED","reportConfidence":"NOT_DEFINED","scope":"CHANGED","temporalScore":5.9,"temporalSeverity":"MEDIUM","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N","version":"3.1"}}],"references":[{"url":"https://helpx.adobe.com/security/products/premiere_pro/apsb26-76.html","name":"https://helpx.adobe.com/security/products/premiere_pro/apsb26-76.html","refsource":"psirt@adobe.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-48308","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-48308","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"Adobe","product":"Premiere","version":"affected 26.2.2 semver","platforms":[]},{"source":"CNA","vendor":"Adobe","product":"Premiere","version":"unaffected 26.3 semver","platforms":[]},{"source":"CNA","vendor":"Adobe","product":"Premiere","version":"affected 25.6.5 semver","platforms":[]},{"source":"CNA","vendor":"Adobe","product":"Premiere","version":"unaffected 25.6.6 semver","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2026","cve_id":"48308","cve":"CVE-2026-48308","epss":"0.001560000","percentile":"0.051830000","score_date":"2026-07-15","updated_at":"2026-07-16 00:08:43"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"cna":{"affected":[{"defaultStatus":"affected","product":"Premiere","vendor":"Adobe","versions":[{"lessThanOrEqual":"26.2.2","status":"affected","version":"0","versionType":"semver"},{"status":"unaffected","version":"26.3","versionType":"semver"}]},{"defaultStatus":"affected","product":"Premiere","vendor":"Adobe","versions":[{"lessThanOrEqual":"25.6.5","status":"affected","version":"0","versionType":"semver"},{"status":"unaffected","version":"25.6.6","versionType":"semver"}]}],"datePublic":"2026-07-14T17:00:00.000Z","descriptions":[{"lang":"en","value":"Premiere Pro is affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized write access. Exploit depends on conditions beyond the attacker's control. Exploitation of this issue does not require user interaction. Scope is changed."}],"metrics":[{"cvssV3_1":{"attackComplexity":"HIGH","attackVector":"LOCAL","availabilityImpact":"NONE","availabilityRequirement":"NOT_DEFINED","baseScore":5.9,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","confidentialityRequirement":"NOT_DEFINED","environmentalScore":5.9,"environmentalSeverity":"MEDIUM","exploitCodeMaturity":"NOT_DEFINED","integrityImpact":"HIGH","integrityRequirement":"NOT_DEFINED","modifiedAttackComplexity":"HIGH","modifiedAttackVector":"LOCAL","modifiedAvailabilityImpact":"NONE","modifiedConfidentialityImpact":"NONE","modifiedIntegrityImpact":"HIGH","modifiedPrivilegesRequired":"NONE","modifiedScope":"CHANGED","modifiedUserInteraction":"NONE","privilegesRequired":"NONE","remediationLevel":"NOT_DEFINED","reportConfidence":"NOT_DEFINED","scope":"CHANGED","temporalScore":5.9,"temporalSeverity":"MEDIUM","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-20","description":"Improper Input Validation (CWE-20)","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-07-14T21:10:10.341Z","orgId":"078d4453-3bcd-4900-85e6-15281da43538","shortName":"adobe"},"references":[{"tags":["vendor-advisory"],"url":"https://helpx.adobe.com/security/products/premiere_pro/apsb26-76.html"}],"source":{"discovery":"EXTERNAL"},"title":"Premiere Pro | Improper Input Validation (CWE-20)","x_generator":{"engine":"cvelib 1.8.0"}}},"cveMetadata":{"assignerOrgId":"078d4453-3bcd-4900-85e6-15281da43538","assignerShortName":"adobe","cveId":"CVE-2026-48308","datePublished":"2026-07-14T20:04:05.282Z","dateReserved":"2026-05-21T15:28:38.136Z","dateUpdated":"2026-07-14T21:10:10.341Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-07-14 21:16:58","lastModifiedDate":"2026-07-15 16:17:47","problem_types":["CWE-20","CWE-20 Improper Input Validation (CWE-20)"],"metrics":{"cvssMetricV31":[{"source":"psirt@adobe.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.4,"impactScore":4}]},"configurations":[]},"legacy_mitre":{"record":{"CveYear":"2026","CveId":"48308","Ordinal":"1","Title":"Premiere Pro | Improper Input Validation (CWE-20)","CVE":"CVE-2026-48308","Year":"2026"},"notes":[{"CveYear":"2026","CveId":"48308","Ordinal":"1","NoteData":"Premiere Pro is affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized write access. Exploit depends on conditions beyond the attacker's control. Exploitation of this issue does not require user interaction. Scope is changed.","Type":"Description","Title":"Premiere Pro | Improper Input Validation (CWE-20)"}]}}}