Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized write access. Exploitation of this issue requires user interaction in that a victim must visit a maliciously crafted URL or interact with a compromised web page.
| Vendor | Product | Versions |
|---|---|---|
| adobe | adobe experience manager | 0 |
Updated severity to CRITICAL, marked as actively exploited, and added CVE-2026-48288 tag.
Initial creation
