Adobe Illustrator vulnerabilities

CVE-2026-27267 [HIGH] CWE-121 CVE-2026-27267: Illustrator versions 29.8.4, 30.1 and earlier are affected by a Stack-based Buffer Overflow vulnerab Illustrator versions 29.8.4, 30.1 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2026-27272 [HIGH] CWE-787 CVE-2026-27272: Illustrator versions 29.8.4, 30.1 and earlier are affected by an out-of-bounds write vulnerability t Illustrator versions 29.8.4, 30.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2026-21362 [HIGH] CWE-787 CVE-2026-21362: Illustrator versions 29.8.4, 30.1 and earlier are affected by an out-of-bounds write vulnerability t Illustrator versions 29.8.4, 30.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2026-21333 [HIGH] CWE-426 CVE-2026-21333: Illustrator versions 29.8.4, 30.1 and earlier are affected by an Untrusted Search Path vulnerability Illustrator versions 29.8.4, 30.1 and earlier are affected by an Untrusted Search Path vulnerability that might allow attackers to execute arbitrary code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2026-27271 [HIGH] CWE-122 CVE-2026-27271: Illustrator versions 29.8.4, 30.1 and earlier are affected by a Heap-based Buffer Overflow vulnerabi Illustrator versions 29.8.4, 30.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2026-27268 [MEDIUM] CWE-125 CVE-2026-27268: Illustrator versions 29.8.4, 30.1 and earlier are affected by an Out-of-bounds Read vulnerability th Illustrator versions 29.8.4, 30.1 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to access sensitive information stored in memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2026-27270 [MEDIUM] CWE-125 CVE-2026-27270: Illustrator versions 29.8.4, 30.1 and earlier are affected by an Out-of-bounds Read vulnerability th Illustrator versions 29.8.4, 30.1 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to access sensitive information stored in memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2026-21280 [HIGH] CWE-426 CVE-2026-21280: Illustrator versions 29.8.3, 30.0 and earlier are affected by an Untrusted Search Path vulnerability Illustrator versions 29.8.3, 30.0 and earlier are affected by an Untrusted Search Path vulnerability that could result in arbitrary code execution in the context of the current user. If the application uses a search path to locate critical resources such as programs, an attacker could modify that search path to point to a malicious program, which the

CVE-2026-21288 [MEDIUM] CWE-476 CVE-2026-21288: Illustrator versions 29.8.3, 30.0 and earlier are affected by a NULL Pointer Dereference vulnerabili Illustrator versions 29.8.3, 30.0 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption to services. Exploitation of this issue requires user interaction in that a victim must open a malicious fil

CVE-2025-61820 [HIGH] CWE-122 CVE-2025-61820: Illustrator versions 28.7.10, 29.8.2 and earlier are affected by a Heap-based Buffer Overflow vulner Illustrator versions 28.7.10, 29.8.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2025-61831 [HIGH] CWE-787 CVE-2025-61831: Illustrator versions 28.7.10, 29.8.2 and earlier are affected by an out-of-bounds write vulnerabilit Illustrator versions 28.7.10, 29.8.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2025-54283 [HIGH] CWE-787 CVE-2025-54283: Illustrator versions 29.7, 28.7.9 and earlier are affected by an out-of-bounds write vulnerability t Illustrator versions 29.7, 28.7.9 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2025-54284 [HIGH] CWE-787 CVE-2025-54284: Illustrator versions 29.7, 28.7.9 and earlier are affected by an out-of-bounds write vulnerability t Illustrator versions 29.7, 28.7.9 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2025-49564 [HIGH] CWE-121 CVE-2025-49564: Illustrator versions 28.7.8, 29.6.1 and earlier are affected by a Stack-based Buffer Overflow vulner Illustrator versions 28.7.8, 29.6.1 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2025-49563 [HIGH] CWE-787 CVE-2025-49563: Illustrator versions 28.7.8, 29.6.1 and earlier are affected by an out-of-bounds write vulnerability Illustrator versions 28.7.8, 29.6.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2025-49568 [MEDIUM] CWE-416 CVE-2025-49568: Illustrator versions 28.7.8, 29.6.1 and earlier are affected by a Use After Free vulnerability that Illustrator versions 28.7.8, 29.6.1 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2025-49567 [MEDIUM] CWE-476 CVE-2025-49567: Illustrator versions 28.7.8, 29.6.1 and earlier are affected by a NULL Pointer Dereference vulnerabi Illustrator versions 28.7.8, 29.6.1 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing a disruption in service. Exploitation of this issue requires user interaction in that a victim must open a malicious

CVE-2025-49528 [HIGH] CWE-121 CVE-2025-49528: Illustrator versions 28.7.6, 29.5.1 and earlier are affected by a Stack-based Buffer Overflow vulner Illustrator versions 28.7.6, 29.5.1 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2025-49527 [HIGH] CWE-121 CVE-2025-49527: Illustrator versions 28.7.6, 29.5.1 and earlier are affected by a Stack-based Buffer Overflow vulner Illustrator versions 28.7.6, 29.5.1 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2025-49526 [HIGH] CWE-787 CVE-2025-49526: Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an out-of-bounds write vulnerability Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.