Ce mail provient de l'extérieur, restons vigilants

=====================================================================

                            CERT-Renater

                Note d'Information No. 2026/VULN152
_____________________________________________________________________

DATE                : 11/02/2026

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running Adobe Bridge versions
                            prior to 15.1.4 (LTS), 16.0.2.

=====================================================================
https://helpx.adobe.com/security/products/bridge/apsb26-21.html
_____________________________________________________________________

Security Updates Available for Adobe Bridge | APSB26-21

Bulletin ID     Date Published      Priority

APSB26-21       February 10, 2026   3


Summary

Adobe has released a security update for Adobe Bridge. This 
update addresses critical vulnerabilities that could lead to 
arbitrary code execution.

 Adobe is not aware of any exploits in the wild for any of the issues 
addressed in these updates.


Affected Versions

Product        Version                              Platform    
Adobe Bridge   15.1.3 (LTS) and earlier versions    Windows  and macOS

Adobe Bridge   16.0.1 and earlier versions          Windows  and macOS


Solution

Adobe categorizes these updates with the following priority 
ratings and recommends users update their installation to the 
newest version via the Creative Cloud desktop app's update 
mechanism.  For more information, please reference 
this help page.   

Product    Version      Platform      Priority     Availability    

Adobe Bridge   15.1.4 (LTS)  Windows and macOS   3    Download Page    

Adobe Bridge   16.0.2       Windows and macOS    3    Download Page


Vulnerability Details

Vulnerability Category     Vulnerability Impact    Severity
CVSS base score     CVSS vector      CVE Numbers

Out-of-bounds Write (CWE-787)   Arbitrary code execution   Critical
7.8      CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2026-21346

Integer Overflow or Wraparound (CWE-190)    Arbitrary code execution
Critical      7.8      CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2026-21347


Acknowledgments

Adobe would like to thank the following researcher for 
reporting this issue and for working with Adobe to help 
protect our customers:   

    yjdfy -- CVE-2026-21346, CVE-2026-21347

NOTE: Adobe has a public bug bounty program with HackerOne. If you are 
interested in working with Adobe as an external security researcher, 
please check out https://hackerone.com/adobe

For more information, visit https://helpx.adobe.com/security.html, or 
email PSIRT@adobe.com
 
=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================