Unrated severityNVD Advisory· Published Jan 13, 2026· Updated Feb 26, 2026
Dreamweaver Desktop | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78)
CVE-2026-21267
Description
Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead in arbitrary code execution by an attacker. Exploitation of this issue requires user interaction in that a victim must open a malicious file and scope is changed.
Affected products
2<=21.6+ 1 more
- (no CPE)range: <=21.6
- (no CPE)range: 0
Patches
Vulnerability mechanics
References
1- helpx.adobe.com/security/products/dreamweaver/apsb26-01.htmlmitrevendor-advisory
News mentions
0No linked articles in our index yet.