Get a Demo

Let's Patch It!

Book a short call with one our specialists, we'll walk you through how Endor Patches work, and ask you a few questions about your environment (like your primary programming languages and repository management). We'll also send you an email right after you fill out the form, feel free to reply with any questions you have in advance!

CVE

CVE-2026-26208

ADB Explorer Vulnerable to Remote Code Execution via Insecure Deserialization
Back to all
CVE

CVE-2026-26208

ADB Explorer Vulnerable to Remote Code Execution via Insecure Deserialization

ADB Explorer is a fluent UI for ADB on Windows. Prior to Beta 0.9.26020, ADB Explorer is vulnerable to Insecure Deserialization leading to Remote Code Execution. The application attempts to deserialize the App.txt settings file using Newtonsoft.Json with TypeNameHandling set to Objects. This allows an attacker to supply a crafted JSON file containing a gadget chain (e.g., ObjectDataProvider) to execute arbitrary code when the application launches and subsequently saves its settings. This vulnerability is fixed in Beta 0.9.26020.

Package Versions Affected

Package Version
patch Availability
No items found.

Automatically patch vulnerabilities without upgrading

Fix Without Upgrading
Detect compatible fix
Apply safe remediation
Fix with a single pull request

CVSS Version

Severity
Base Score
CVSS Version
Score Vector
C
H
U
7.8
-
3.1
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
C
H
U
0
-
3.1
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
C
H
U
-

Related Resources

No items found.

References

https://github.com/Alex4SSB/ADB-Explorer/releases/tag/v0.9.26020, https://github.com/Alex4SSB/ADB-Explorer/security/advisories/GHSA-49qx-wpxj-p4mh, https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/26xxx/CVE-2026-26208.json, https://nvd.nist.gov/vuln/detail/CVE-2026-26208, https://github.com/Alex4SSB/ADB-Explorer/issues/294, https://github.com/Alex4SSB/ADB-Explorer/commit/776f132cede86e1405520f2a28c78276dda5ab5a

Severity

7.8

CVSS Score
0
10

Basic Information

Ecosystem
Base CVSS
7.8
EPSS Probability
0.00572%
EPSS Percentile
0.68729%
Introduced Version
0
Fix Available
776f132cede86e1405520f2a28c78276dda5ab5a,f07050cdac364a843d849bc0f7ccc35e5ab67c6b

Fix Critical Vulnerabilities Instantly

Secure your app without upgrading.
Fix Without Upgrading