Vulnerability Details CVE-2026-21349
Lightroom Desktop versions 15.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 9.8%
CVSS Severity
CVSS v3 Score 7.8
Products affected by CVE-2026-21349
-
cpe:2.3:a:adobe:lightroom:*
-
cpe:2.3:a:adobe:lightroom:-
-
cpe:2.3:a:adobe:lightroom:10.0
-
cpe:2.3:a:adobe:lightroom:10.1
-
cpe:2.3:a:adobe:lightroom:10.3
-
cpe:2.3:a:adobe:lightroom:11.0
-
cpe:2.3:a:adobe:lightroom:11.0.1
-
cpe:2.3:a:adobe:lightroom:11.1
-
cpe:2.3:a:adobe:lightroom:11.2
-
cpe:2.3:a:adobe:lightroom:11.3
-
cpe:2.3:a:adobe:lightroom:11.4
-
cpe:2.3:a:adobe:lightroom:11.4.1
-
cpe:2.3:a:adobe:lightroom:11.5
-
cpe:2.3:a:adobe:lightroom:12.0
-
cpe:2.3:a:adobe:lightroom:12.0.1
-
cpe:2.3:a:adobe:lightroom:12.1
-
cpe:2.3:a:adobe:lightroom:12.2
-
cpe:2.3:a:adobe:lightroom:12.2.1
-
cpe:2.3:a:adobe:lightroom:12.3
-
cpe:2.3:a:adobe:lightroom:12.4
-
cpe:2.3:a:adobe:lightroom:12.5
-
cpe:2.3:a:adobe:lightroom:12.5.1
-
cpe:2.3:a:adobe:lightroom:12.5.2
-
cpe:2.3:a:adobe:lightroom:13.0
-
cpe:2.3:a:adobe:lightroom:13.0.1
-
cpe:2.3:a:adobe:lightroom:13.0.2
-
cpe:2.3:a:adobe:lightroom:13.1
-
cpe:2.3:a:adobe:lightroom:13.2
-
cpe:2.3:a:adobe:lightroom:13.3
-
cpe:2.3:a:adobe:lightroom:13.3.1
-
cpe:2.3:a:adobe:lightroom:13.4
-
cpe:2.3:a:adobe:lightroom:13.5
-
cpe:2.3:a:adobe:lightroom:13.5.1
-
cpe:2.3:a:adobe:lightroom:14.0
-
cpe:2.3:a:adobe:lightroom:14.0.1
-
cpe:2.3:a:adobe:lightroom:9.2.0.10
-
cpe:2.3:a:adobe:lightroom:9.3