High severity7.8NVD Advisory· Published Feb 13, 2026· Updated Apr 15, 2026

CVE-2026-26208

Description

ADB Explorer is a fluent UI for ADB on Windows. Prior to Beta 0.9.26020, ADB Explorer is vulnerable to Insecure Deserialization leading to Remote Code Execution. The application attempts to deserialize the App.txt settings file using Newtonsoft.Json with TypeNameHandling set to Objects. This allows an attacker to supply a crafted JSON file containing a gadget chain (e.g., ObjectDataProvider) to execute arbitrary code when the application launches and subsequently saves its settings. This vulnerability is fixed in Beta 0.9.26020.

Affected products

Alex4SSB/Adb Explorerreferences

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/Alex4SSB/ADB-Explorer/commit/776f132cede86e1405520f2a28c78276dda5ab5anvd
github.com/Alex4SSB/ADB-Explorer/issues/294nvd
github.com/Alex4SSB/ADB-Explorer/releases/tag/v0.9.26020nvd
github.com/Alex4SSB/ADB-Explorer/security/advisories/GHSA-49qx-wpxj-p4mhnvd

News mentions

No linked articles in our index yet.

cvss	0.507
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000