Uncontrolled Search Path Element Vulnerability in Adobe Photoshop Installer
CVE-2026-34632

8.2HIGH

Key Information:

Vendor: Adobe
Status: Adobe Photoshop Installer
Vendor: CVE Published:; 15 April 2026

What is CVE-2026-34632?

The Adobe Photoshop Installer is affected by an Uncontrolled Search Path Element vulnerability, which allows a low-privileged local attacker to exploit this flaw and execute arbitrary code in the context of the current user. By manipulating the search path utilized by the application to locate essential resources, an attacker could potentially cause unauthorized code execution. It is important to note that successful exploitation requires user interaction, as the user must be actively running the installer.

Affected Version(s)

Adobe Photoshop Installer 0

References

https://cwe.mitre.org/data/definitions/427.html

CVSS V3.1

Score:

8.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 15, 2026
Vulnerability Reserved
Mar 30, 2026

CVE-2026-34632 Data

JSON