CVE-2026-48252
Adobe Experience Manager | Missing Authentication for Critical Function (CWE-306)
CVSS Score
8.6
EPSS Score
0.0%
EPSS Percentile
0th
Adobe Experience Manager is affected by a Missing Authentication for Critical Function vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized write access. Exploitation of this issue does not require user interaction. Scope is changed.
| CWE | CWE-306 |
| Vendor | adobe |
| Product | adobe experience manager as a cloud service |
| Ecosystems | |
| Industries | TechnologyMedia |
| Published | Jul 14, 2026 |
| Last Updated | Jul 15, 2026 |
Stay Ahead of the Next One
Get instant alerts for adobe adobe experience manager as a cloud service
Be the first to know when new high vulnerabilities affecting adobe adobe experience manager as a cloud service are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
None
Integrity
High
Availability
None
Affected Versions
Adobe / Adobe Experience Manager as a Cloud Service
0 โค 2026.5.0
Adobe / Adobe Experience Manager 6.5 LTS
0 โค SP2
Adobe / Adobe Experience Manager 6.5
0 โค 6.5.25