CVE-2026-21354— Adobe DNG SDK 输入验证错误漏洞
新しい脆弱性情報の通知を購読するログインして購読
I. CVE-2026-21354の基本情報
脆弱性情報
脆弱性についてご質問がありますか?Shenlongの分析が参考になるかご確認ください!
Shenlongの10の質問を表示 ↗ 高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。
脆弱性タイトル
DNG SDK | Integer Overflow or Wraparound (CWE-190)
ソース: NVD (National Vulnerability Database)
脆弱性説明
DNG SDK versions 1.7.1 2410 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to cause the application to crash or become unresponsive. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
ソース: NVD (National Vulnerability Database)
CVSS情報
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
ソース: NVD (National Vulnerability Database)
脆弱性タイプ
整数溢出或超界折返
ソース: NVD (National Vulnerability Database)
脆弱性タイトル
Adobe DNG SDK 输入验证错误漏洞
ソース: CNNVD (China National Vulnerability Database)
脆弱性説明
Adobe DNG SDK是美国奥多比(Adobe)公司的一款提供读取和写入DNG文件功能的软件开发工具包。 Adobe DNG SDK 1.7.1 2410及之前版本存在输入验证错误漏洞,该漏洞源于整数溢出或环绕错误,可能导致应用程序拒绝服务。
ソース: CNNVD (China National Vulnerability Database)
CVSS情報
N/A
ソース: CNNVD (China National Vulnerability Database)
脆弱性タイプ
N/A
ソース: CNNVD (China National Vulnerability Database)
影響を受ける製品
II. CVE-2026-21354の公開POC
| # | POC説明 | ソースリンク | Shenlongリンク |
|---|
AI生成POCプレミアム
公開POCは見つかりませんでした。
ログインしてAI POCを生成III. CVE-2026-21354のインテリジェンス情報
请登录查看更多情报信息。
Same Patch Batch · Adobe · 2026-02-10 · 44 CVEs total
| CVE-2026-21329 | 7.8 HIGH | After Effects | Use After Free (CWE-416) |
| CVE-2026-21352 | 7.8 HIGH | DNG SDK | Out-of-bounds Write (CWE-787) |
| CVE-2026-21347 | 7.8 HIGH | Bridge | Integer Overflow or Wraparound (CWE-190) |
| CVE-2026-21343 | 7.8 HIGH | Substance3D - Stager | Out-of-bounds Read (CWE-125) |
| CVE-2026-21344 | 7.8 HIGH | Substance3D - Stager | Out-of-bounds Read (CWE-125) |
| CVE-2026-21346 | 7.8 HIGH | Bridge | Out-of-bounds Write (CWE-787) |
| CVE-2026-21321 | 7.8 HIGH | After Effects | Integer Overflow or Wraparound (CWE-190) |
| CVE-2026-21351 | 7.8 HIGH | After Effects | Use After Free (CWE-416) |
| CVE-2026-21320 | 7.8 HIGH | After Effects | Use After Free (CWE-416) |
| CVE-2026-21357 | 7.8 HIGH | InDesign Desktop | Heap-based Buffer Overflow (CWE-122) |
| CVE-2026-21312 | 7.8 HIGH | Audition | Out-of-bounds Write (CWE-787) |
| CVE-2026-21323 | 7.8 HIGH | After Effects | Use After Free (CWE-416) |
| CVE-2026-21324 | 7.8 HIGH | After Effects | Out-of-bounds Read (CWE-125) |
| CVE-2026-21326 | 7.8 HIGH | After Effects | Use After Free (CWE-416) |
| CVE-2026-21322 | 7.8 HIGH | After Effects | Out-of-bounds Read (CWE-125) |
| CVE-2026-21318 | 7.8 HIGH | After Effects | Out-of-bounds Write (CWE-787) |
| CVE-2026-21328 | 7.8 HIGH | After Effects | Out-of-bounds Write (CWE-787) |
| CVE-2026-21327 | 7.8 HIGH | After Effects | Out-of-bounds Write (CWE-787) |
| CVE-2026-21325 | 7.8 HIGH | After Effects | Out-of-bounds Read (CWE-125) |
| CVE-2026-21330 | 7.8 HIGH | After Effects | Access of Resource Using Incompatible Type ('Type Confusion') (CWE-843) |
Showing 20 of 44 CVEs. View all on vendor page →
IV. 関連脆弱性
同じ製品: DNG SDK
同じベンダー: Adobe
- CVE-2026-34632
Photoshop Installer | CWE-427: Uncontrolled Search Path Elem - CVE-2026-27297
Adobe Framemaker | Integer Underflow (Wrap or Wraparound) (C - CVE-2026-27300
Adobe Framemaker | Access of Uninitialized Pointer (CWE-824) - CVE-2026-27296
Adobe Framemaker | Integer Underflow (Wrap or Wraparound) (C - CVE-2026-27290
Adobe Framemaker | Untrusted Search Path (CWE-426)
同じ弱点: CWE-190
- CVE-2026-7568
Signed integer overflow in metaphone() - CVE-2026-42311
Pillow: OOB Write with Invalid PSD Tile Extents (Integer Ove - CVE-2026-42308
Pillow: Integer overflow when processing fonts - CVE-2026-6664
PgBouncer integer overflow in PgBouncer network packet parsi - CVE-2026-42199
Grid: Integer Overflow in Grid::expand_rows Leads to Safe-AP
V. CVE-2026-21354へのコメント
まだコメントはありません