CVE-2026-48344

Summary

Creative Cloud Desktop is affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could result in arbitrary code execution in the context of the current user. Exploit depends on conditions beyond the attacker's control. Exploitation of this issue does not require user interaction. Scope is changed.

Affected Software

VendorProductVersion RangeStatus
AdobeCreative Cloud Desktop0 <= 6.9.1.1affected
AdobeCreative Cloud Desktop6.10.0.252.3unaffected

Weaknesses

  • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition (CWE-367)

References