Primary

Context

Adobe After Effects NULL Pointer Dereference Vulnerability Leading to Denial-of-Service

Vulnerability

Patched

A NULL pointer dereference vulnerability has been identified in Adobe After Effects versions 25.6 and earlier. This vulnerability could lead to a denial-of-service condition, causing the application to crash and disrupt services. Exploitation requires user interaction, as a victim must open a malicious file.

Impact

Exploitation of this vulnerability causes the application to crash, leading to a denial-of-service condition.

Remediation

Users are advised to update to Adobe After Effects versions 25.6.4 or 26.0, available through the Adobe Download Center. For managed environments, IT administrators can deploy updates using the Adobe Admin Console.

Added: Feb 10, 2026, 6:37 PM

Updated: Feb 10, 2026, 11:31 PM

Vulnerability Rating

Custom Algorithm

spread

5.4

impact

0.6

exploitability

3.8

remediation

7.7

relevance

2.7

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.4

impact

0.6

exploitability

3.8

remediation

7.7

relevance

2.7

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Adobe After Effects NULL Pointer Dereference Vulnerability Leading to Denial-of-Service

Vulnerability

Impact

Remediation

Affected Products

Adobe After Effects

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating