Adobe Illustrator vulnerabilities

CVE-2025-49530 [HIGH] CWE-787 CVE-2025-49530: Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an out-of-bounds write vulnerability Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2025-49529 [HIGH] CWE-824 CVE-2025-49529: Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an Access of Uninitialized Pointer v Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2025-49531 [HIGH] CWE-190 CVE-2025-49531: Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an Integer Overflow or Wraparound vu Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2025-49532 [HIGH] CWE-191 CVE-2025-49532: Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an Integer Underflow (Wrap or Wrapar Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2025-30313 [MEDIUM] CWE-125 CVE-2025-30313: Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an out-of-bounds read vulnerability Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2025-49524 [MEDIUM] CWE-476 CVE-2025-49524: Illustrator versions 28.7.6, 29.5.1 and earlier are affected by a NULL Pointer Dereference vulnerabi Illustrator versions 28.7.6, 29.5.1 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing a disruption in service. Exploitation of this issue requires user interaction in that a victim must open a malicious

CVE-2025-49525 [MEDIUM] CWE-125 CVE-2025-49525: Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an out-of-bounds read vulnerability Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2025-30330 [HIGH] CWE-122 CVE-2025-30330: Illustrator versions 29.3, 28.7.5 and earlier are affected by a Heap-based Buffer Overflow vulnerabi Illustrator versions 29.3, 28.7.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2025-27167 [HIGH] CWE-426 CVE-2025-27167: Illustrator versions 29.2.1, 28.7.4 and earlier are affected by an Untrusted Search Path vulnerabili Illustrator versions 29.2.1, 28.7.4 and earlier are affected by an Untrusted Search Path vulnerability that might allow attackers to execute their own programs, access unauthorized data files, or modify configuration in unexpected ways. If the application uses a search path to locate critical resources such as programs, then an attacker could modify t

CVE-2025-27168 [HIGH] CWE-121 CVE-2025-27168: Illustrator versions 29.2.1, 28.7.4 and earlier are affected by a Stack-based Buffer Overflow vulner Illustrator versions 29.2.1, 28.7.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2025-27169 [HIGH] CWE-787 CVE-2025-27169: Illustrator versions 29.2.1, 28.7.4 and earlier are affected by an out-of-bounds write vulnerability Illustrator versions 29.2.1, 28.7.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2025-24448 [MEDIUM] CWE-125 CVE-2025-24448: Illustrator versions 29.2.1, 28.7.4 and earlier are affected by an out-of-bounds read vulnerability Illustrator versions 29.2.1, 28.7.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2025-27170 [MEDIUM] CWE-476 CVE-2025-27170: Illustrator versions 29.2.1, 28.7.4 and earlier are affected by a NULL Pointer Dereference vulnerabi Illustrator versions 29.2.1, 28.7.4 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial of service condition. Exploitation of this issue requires user interaction in that a victim must ope

CVE-2025-24449 [MEDIUM] CWE-125 CVE-2025-24449: Illustrator versions 29.2.1, 28.7.4 and earlier are affected by an out-of-bounds read vulnerability Illustrator versions 29.2.1, 28.7.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2025-21160 [HIGH] CWE-191 CVE-2025-21160: Illustrator versions 29.1, 28.7.3 and earlier are affected by an Integer Underflow (Wrap or Wraparou Illustrator versions 29.1, 28.7.3 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2025-21159 [HIGH] CWE-416 CVE-2025-21159: Illustrator versions 29.1, 28.7.3 and earlier are affected by a Use After Free vulnerability that co Illustrator versions 29.1, 28.7.3 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2025-21163 [HIGH] CWE-121 CVE-2025-21163: Illustrator versions 29.1, 28.7.3 and earlier are affected by a Stack-based Buffer Overflow vulnerab Illustrator versions 29.1, 28.7.3 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2024-49538 [HIGH] CWE-787 CVE-2024-49538: Illustrator versions 29.0.0, 28.7.2 and earlier are affected by an out-of-bounds write vulnerability Illustrator versions 29.0.0, 28.7.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2024-49541 [MEDIUM] CWE-125 CVE-2024-49541: Illustrator versions 29.0.0, 28.7.2 and earlier are affected by an out-of-bounds read vulnerability Illustrator versions 29.0.0, 28.7.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2024-47451 [HIGH] CWE-787 CVE-2024-47451: Illustrator versions 28.7.1 and earlier are affected by an out-of-bounds write vulnerability that co Illustrator versions 28.7.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.