Adobe Flash Player versions 29.0.0.140 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HAdobe Flash Player
APPAdobe≤ 29.0.0.140Apple macOS
OSApplewszystkie wersjeGoogle Chrome Os
OSGooglewszystkie wersjeLinux Kernel
OSLinuxwszystkie wersjeMicrosoft Windows
OSMicrosoftwszystkie wersjeMicrosoft Windows 10
OSMicrosoftwszystkie wersjeMicrosoft Windows 8.1
OSMicrosoftwszystkie wersjeRed Hat Enterprise Linux Desktop
OSRedhat6.0Red Hat Enterprise Linux Server
OSRedhat6.0Red Hat Enterprise Linux Workstation
OSRedhat6.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References
Related vulnerabilities
CVE-2026-8398CRITICAL9.3⚠ KEVPL ✓ten sam produkt
Atak na łańcuch dostaw DAEMON Tools Lite — trojanizacja instalatorów
CVE-2025-10585CRITICAL9.8⚠ KEVPL ✓ten sam produkt
Type confusion w V8 (Google Chrome) — zdalne uszkodzenie sterty
CVE-2025-43300CRITICAL10.0⚠ KEVPL ✓ten sam produkt
Apple iOS/iPadOS/macOS — out-of-bounds write przy przetwarzaniu obrazu
CVE-2025-34028CRITICAL9.3⚠ KEVPL ✓ten sam produkt
Commvault Command Center – nieuwierzytelniony RCE przez path traversal w ZIP
CVE-2025-31201CRITICAL9.8⚠ KEVPL ✓ten sam produkt
Apple: Obejście Pointer Authentication w iOS, macOS i innych platformach