CVE-2026-21333 Illustrator — Exploit & Vulnerability Details HIGH

CVE-2026-21333

HIGH CVSS 3.1: 8.6 EPSS 0.03%

Parameter	Value
CVSS	8.6 (HIGH)
Type	CWE-426
Vendor	Illustrator
Public PoC	No

Illustrator versions 29.8.4, 30.1 and earlier are affected by an Untrusted Search Path vulnerability that might allow attackers to execute arbitrary code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Attack Parameters

Attack Vector

Local

Requires local access

Attack Complexity

Low

Easy to exploit

Privileges Required

None

No privileges needed

User Interaction

Required

User action required

Impact Assessment

Confidentiality

High

Complete data leak

Integrity

High

Complete data modification

Availability

High

Complete denial of service

CVSS Vector v3.1

Weakness Type (CWE)

CWE-426

References 1

https://helpx.adobe.com/security/products/illustrator/apsb26-18.html

psirt@adobe.com

Share Post Share Share Share

Related Vulnerabilities

CVE-2026-27272

Illustrator

7.8

CVE-2026-27271

Illustrator

7.8

CVE-2026-27270

Illustrator

5.5

CVE-2026-27268

Illustrator

5.5

CVE-2026-27267

Illustrator

7.8

Menu

CVE-2026-21333

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

References 1

Related Vulnerabilities

CVE-2026-27272

CVE-2026-27271

CVE-2026-27270

CVE-2026-27268

CVE-2026-27267

CVE Details

Editor's Choice

Menu

CVE-2026-21333

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

References 1

Related Vulnerabilities

CVE-2026-27272

CVE-2026-27271

CVE-2026-27270

CVE-2026-27268

CVE-2026-27267

CVE Details

Editor's Choice

Stay informed on cybersecurity