Untrusted Search Path Vulnerability in Adobe Illustrator
CVE-2026-48275

8.6HIGH

What is CVE-2026-48275?

Adobe Illustrator is susceptible to an untrusted search path vulnerability, which may allow attackers to execute arbitrary code within the context of the current user. This issue requires user interaction, as exploitation is triggered when a victim opens a specially crafted malicious file. Proper user awareness and file security practices are essential to mitigate this risk.

Affected Version(s)

Illustrator Desktop 2025 0 <= 29.8.7

Illustrator Desktop 2025 0 <= 29.8.7

Illustrator Desktop 2026 0 <= 30.5

References

CVSS V3.1

Score:
8.6
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.