CVE-2026-21272
Improper Input Validation in Dreamweaver Allows Arbitrary File Write
Publication date: 2026-01-13
Last updated on: 2026-01-13
Assigner: Adobe Systems Incorporated
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| adobe | dreamweaver | to 21.6 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-20 | The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an Improper Input Validation issue in Dreamweaver Desktop versions 21.6 and earlier. It allows an attacker to manipulate or inject malicious data into files on the system by exploiting the way input is handled. Exploitation requires the victim to open a malicious file, which then enables arbitrary file system writes.
How can this vulnerability impact me? :
The vulnerability can lead to arbitrary file system writes, meaning an attacker could modify or inject malicious data into files on your system. This could result in data corruption, unauthorized data manipulation, or potentially further compromise of the system's integrity and availability.