CVE-2026-21268
HIGH WAF: Medium
CVSS 8.6
Published: 2026-01-13
CWE-20
Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file and scope is changed.
WAF Coverage Analysis
Improper Input Validation
Medium WAF Coverage
OWASP: A03:2021 Injection
920xxx - Protocol Enforcement 941xxx - XSS / XXE 942xxx - SQL Injection
Affected Software
| Vendor | Product | Version |
|---|---|---|
| adobe | dreamweaver | up to 21.7 |
References
- helpx.adobe.com (Vendor Advisory)