CVE-2026-48288NVD

Vulnerability Summary

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized write access. Exploitation of this issue requires user interaction in that a victim must visit a maliciously crafted URL or interact with a compromised web page.

Severity Level

LOW(3.5)

Published Date

Jun 9, 2026

Last Modified

Jun 10, 2026

Exploitation Status

????

EPSS Score (30-Day)

0.06%Probability

Root Weakness (CWE)

CWE-20: Improper Input Validation ↗

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required.

CVSS v3.1 Base Metrics

Attack VectorNetwork

Attack ComplexityLow

Privileges RequiredLow

User InteractionRequired

ScopeUnchanged

ConfidentialityNone

IntegrityLow

AvailabilityNone

External References

https://helpx.adobe.com/security/products/experience-manager/apsb26-56.html

Critical Alert

CVE Watchtower

CVE-2026-48288NVD

Vulnerability Summary

External References