CVE Catalog

CVE-2026-48288

LowCVSS 3.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.06%

18th percentile — higher than 18% of all known CVEs

Summary

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to gain unauthorized write access.

Risk Assessment

The organization may be exposed to unauthorized data modifications, which could lead to serious consequences for system integrity. User interaction is required, increasing the risk if a malicious site is visited.

Recommendation

It is recommended to update Adobe Experience Manager to the latest version to mitigate this vulnerability. Additionally, users should be educated about the risks of clicking on unknown links.

Original NVD description (English source)

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized write access. Exploitation of this issue requires user interaction in that a victim must visit a maliciously crafted URL or interact with a compromised web page.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS