Description

ADB Explorer is a fluent UI for ADB on Windows. Prior to Beta 0.9.26020, ADB Explorer is vulnerable to Insecure Deserialization leading to Remote Code Execution. The application attempts to deserialize the App.txt settings file using Newtonsoft.Json with TypeNameHandling set to Objects. This allows an attacker to supply a crafted JSON file containing a gadget chain (e.g., ObjectDataProvider) to execute arbitrary code when the application launches and subsequently saves its settings. This vulnerability is fixed in Beta 0.9.26020.

INFO

Published Date :

2026-02-13T18:48:56.398Z

Last Modified :

2026-02-13T19:21:56.476Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2026-26208 vulnerability.

Vendors Products
Alex4ssb
  • Adb-explorer
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-26208.

URL Resource
https://github.com/Alex4SSB/ADB-Explorer/commit/776f132cede86e1405520f2a28c78276dda5ab5a cve-icon cve-icon
https://github.com/Alex4SSB/ADB-Explorer/issues/294 cve-icon cve-icon
https://github.com/Alex4SSB/ADB-Explorer/releases/tag/v0.9.26020 cve-icon cve-icon
https://github.com/Alex4SSB/ADB-Explorer/security/advisories/GHSA-49qx-wpxj-p4mh cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact