CVSS 103 sources verified·1 min read
By Lyrie Threat Intelligence·6/9/2026
CRITICAL: CVE-2026-47938 (CVSS 10) — multiple products
CVE: CVE-2026-47938
CVSS: 10 (3.1) — CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Severity: CRITICAL
Status: Critical advisory
Affected
_See vendor advisory_
Summary
Adobe Campaign Classic (ACC) versions 7.4.3 build 9394 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed.
Verified Sources
References
- https://helpx.adobe.com/security/products/campaign/apsb26-66.html
_Validated by the Lyrie Threat Intelligence Pipeline — 3 independent sources confirmed before publication. No speculation._
Lyrie Verdict
A vulnerability of this severity is exactly what Lyrie's anti-rogue-AI defense is built for: continuous, autonomous monitoring that doesn't wait for human reaction time.
Validated sources
- [1]NVD
- [2]GitHub Advisory
- [3]MITRE
Related Articles
cve deepdive
CRITICAL: CVE-2026-46858 (CVSS 9.1) — oracle application performance management
1 min read · 3 sources
cve deepdive
CRITICAL: CVE-2026-46789 (CVSS 9.6) — oracle webcenter content
1 min read · 3 sources
cve deepdive
CRITICAL: CVE-2026-46784 (CVSS 9.1) — oracle webcenter content
1 min read · 3 sources