Adobe Lightroom Classic is a software designed for photo editing and management. It offers comprehensive tools and advanced controls to get the most out of your photography. This desktop-focused application gives you powerful options to import, select, and develop your photos.

Adobe Lightroom Classic

Lightroom Desktop versions 15.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2026-21349	HIGH	7.8	Adobe Lightroom Classic	cpe:2.3:a:adobe:lightroom:::::classic:::*	No	Yes	Feb 10, 2026
CVE-2020-9724	HIGH	7.8	Adobe Lightroom Classic	cpe:2.3:a:adobe:lightroom:::::classic:::*	No	Yes	Aug 19, 2020
CVE-2020-24447	HIGH	7	Adobe Lightroom Classic	cpe:2.3:a:adobe:lightroom:::::classic:::*	No	Yes	Dec 11, 2020
CVE-2021-40776	MEDIUM	6.1	Adobe Lightroom Classic	cpe:2.3:a:adobe:lightroom:::::classic:::*	No	Yes	Jun 15, 2022
CVE-2024-45145	MEDIUM	5.5	Adobe Lightroom Classic	cpe:2.3:a:adobe:lightroom:::::classic:::*	No	Yes	Oct 09, 2024

CVE-2026-21349:
Adobe Lightroom Classic vulnerability analysis and mitigation

7.8

Related Adobe Lightroom Classic vulnerabilities:

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?

CVE-2026-21349: Adobe Lightroom Classic vulnerability analysis and mitigation