Cyber Resilience

CVE-2026-21347

High

Published: 10 February 2026

Published
10 February 2026
Modified
11 February 2026
KEV Added
Patch
CVSS Score v3.1 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score 0.0003 10.4th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-21347 is a high-severity Integer Overflow or Wraparound (CWE-190) vulnerability in Adobe Bridge. Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Malicious File (T1204.002); ranked at the 10.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and RA-5 (Vulnerability Monitoring and Scanning).

Deeper analysis

CVE-2026-21347 is an Integer Overflow or Wraparound vulnerability (CWE-190) affecting Adobe Bridge versions 15.1.3, 16.0.1, and earlier. This flaw could lead to arbitrary code execution in the context of the current user when a victim opens a malicious file, requiring user interaction for exploitation.

The vulnerability has a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H), indicating local access with low complexity, no privileges required, and user interaction needed. An attacker can exploit it by crafting a malicious file and tricking a user into opening it within Bridge, achieving high-impact arbitrary code execution with full confidentiality, integrity, and availability compromise under the user's privileges.

Adobe's security advisory at https://helpx.adobe.com/security/products/bridge/apsb26-21.html provides details on the issue, published on 2026-02-10, and outlines mitigation steps including applying the available patches to update to unaffected versions.

EU & UK References

Vulnerability details

Bridge versions 15.1.3, 16.0.1 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim…

more

must open a malicious file.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1204.002 Malicious File Execution
An adversary may rely upon a user opening a malicious file in order to gain execution.
Why these techniques?

Integer overflow in client-side Adobe Bridge enables RCE via crafted malicious file opened by user (direct match to User Execution: Malicious File).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2026-34630Same product: Adobe Bridge
CVE-2026-21283Same product: Adobe Bridge
CVE-2026-27310Same product: Adobe Bridge
CVE-2026-21346Same product: Adobe Bridge
CVE-2026-27312Same product: Adobe Bridge
CVE-2026-21321Same product: Apple Macos
CVE-2026-21324Same product: Apple Macos
CVE-2026-27284Same product: Apple Macos
CVE-2026-21344Same product: Apple Macos
CVE-2026-34687Same product: Apple Macos

Affected Assets

adobe
bridge
≤ 15.1.4 · 16.0 — 16.0.2

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly remediates the integer overflow vulnerability in Adobe Bridge by requiring identification, reporting, and timely patching as provided in the vendor advisory.

detect

Enables periodic and event-driven vulnerability scanning to identify systems running vulnerable versions of Adobe Bridge affected by CVE-2026-21347.

preventdetect

Deploys malicious code protection mechanisms to scan and block malicious files crafted to exploit the integer overflow prior to opening in Bridge.

References