8.2
CVE-2026-34632
- EPSS 0.28%
- Veröffentlicht 15.04.2026 18:35:52
- Zuletzt bearbeitet 08.07.2026 00:22:45
- Quelle psirt@adobe.com
- CVE-Watchlists
- Unerledigt
Photoshop Installer | CWE-427: Uncontrolled Search Path Element
Adobe Photoshop Installer was affected by an Uncontrolled Search Path Element vulnerability that could have resulted in arbitrary code execution in the context of the current user. A low-privileged local attacker could have exploited this vulnerability by manipulating the search path used by the application to locate critical resources, potentially causing unauthorized code execution. Exploitation of this issue required user interaction in that a user had to be running the installer.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Adobe ≫ Photoshop Installer Version2.11.0.30
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.28% | 0.198 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
| psirt@adobe.com | 8.2 | 1.5 | 6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
|
CWE-427 Uncontrolled Search Path Element
The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.
https://cwe.mitre.org/data/definitions/427.html
https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2274