CVE-2026-21319

CWE-125Out-of-bounds Read4 documents4 sources
Severity
5.5MEDIUM
EPSS
0.0%
top 93.08%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Adobe After Effects
Timeline
PublishedFeb 10

Description

After Effects versions 25.6 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to access sensitive information stored in memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

NVDadobe/after_effects< 25.6.4
CVEListV5adobe/after_effects25.6

🔴Vulnerability Details

2
GHSA
GHSA-w78c-hxwv-h3vv: After Effects versions 252026-02-10
CVEList
After Effects | Out-of-bounds Read (CWE-125)2026-02-10

🕵️Threat Intelligence

1
Wiz
CVE-2026-21319 Impact, Exploitability, and Mitigation Steps | Wiz
CVE-2026-21319 (MEDIUM CVSS 5.5) | After Effects versions 25.6 and ear | cvebase.io