{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-22T17:40:26.401","vulnerabilities":[{"cve":{"id":"CVE-2026-27615","sourceIdentifier":"security-advisories@github.com","published":"2026-02-25T03:16:05.990","lastModified":"2026-02-27T19:04:28.260","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"ADB Explorer is a fluent UI for ADB on Windows. In versions prior to Beta 0.9.26022, ADB-Explorer allows the `ManualAdbPath` settings variable, which determines the path of the ADB binary to be executed, to be set to a Universal Naming Convention (UNC) path in the application's settings file. This allows an attacker to set the binary's path to point to a remote network resource, hosted on an attacker-controlled network share, thus granting the attacker full control over the binary being executed by the app. An attacker may leverage this vulnerability to execute code remotely on a victim's machine with the privileges of the user running the app. Exploitation is made possible by convincing a victim to run a shortcut of the app that points to a custom `App.txt` settings file, which sets `ManualAdbPath` (for example, when downloaded in an archive file). Version Beta 0.9.26022 fixes the issue."},{"lang":"es","value":"ADB Explorer es una interfaz de usuario fluida para ADB en Windows. En versiones anteriores a Beta 0.9.26022, ADB-Explorer permite que la variable de configuración 'ManualAdbPath', que determina la ruta del binario ADB a ejecutar, se establezca en una ruta de Convención de Nomenclatura Universal (UNC) en el archivo de configuración de la aplicación. Esto permite a un atacante establecer la ruta del binario para que apunte a un recurso de red remoto, alojado en un recurso compartido de red controlado por el atacante, otorgando así al atacante control total sobre el binario que ejecuta la aplicación. Un atacante puede aprovechar esta vulnerabilidad para ejecutar código de forma remota en la máquina de una víctima con los privilegios del usuario que ejecuta la aplicación. La explotación es posible al convencer a una víctima de ejecutar un acceso directo de la aplicación que apunta a un archivo de configuración 'App.txt' personalizado, que establece 'ManualAdbPath' (por ejemplo, cuando se descarga en un archivo comprimido). La versión Beta 0.9.26022 corrige el problema."}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"HIGH","subIntegrityImpact":"HIGH","subAvailabilityImpact":"HIGH","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-40"},{"lang":"en","value":"CWE-829"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-829"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:alex4ssb:adb_explorer:*:*:*:*:*:windows:*:*","versionEndExcluding":"0.9.26022","matchCriteriaId":"C02EA1E7-E0FF-4607-A021-2FB1BC886AB7"}]}]}],"references":[{"url":"https://github.com/Alex4SSB/ADB-Explorer/security/advisories/GHSA-3f27-jp2g-hwhr","source":"security-advisories@github.com","tags":["Exploit","Vendor Advisory"]},{"url":"https://github.com/Alex4SSB/ADB-Explorer/security/advisories/GHSA-3f27-jp2g-hwhr","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Vendor Advisory"]}]}}]}