Zero Day MonitorZDM

← Back to list

7.8

CVE-2026-27271PATCHED

adobe · illustrator

Illustrator versions 29.8.4, 30.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation

Description

Illustrator versions 29.8.4, 30.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Affected Products

Vendor	Product	Versions
adobe	illustrator	< 29.8.5, < 30.2

Also Affects

Downstream vendors/products affected by this vulnerability

Vendor	Product	Source	Confidence
adobe	creative cloud	cert_advisory	90%

References

https://helpx.adobe.com/security/products/illustrator/apsb26-18.html(Vendor Advisory)

Related News (1 articles)

Tier B

BSI Advisories2d ago

[UPDATE] [hoch] Adobe Creative Cloud Applikationen: Mehrere Schwachstellen

→ No new info (linked only)

CVSS 3.17.8 HIGH

VectorCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA KEV❌ No

Actively exploited❌ No

Patch available

29.8.530.2

CWECWE-122

PublishedMar 10, 2026

Last enriched5h ago

Trending Score18

Source articles1

Independent1

Info Completeness9/14

Missing: epss, kev, exploit, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

HIGHCVE-2026-27220

Acrobat Reader versions 24.001.30307, 24.001.30308, 25.001.21265 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current

HIGHCVE-2026-27276

Substance3D - Stager versions 3.1.7 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this is

HIGHCVE-2026-27272

Illustrator versions 29.8.4, 30.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of thi

HIGHCVE-2026-27274

Substance3D - Stager versions 3.1.7 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of t

HIGHCVE-2026-27269

Premiere Pro versions 25.5 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An a

Pin to Dashboard

Verification

State: verified

Confidence: 100%

Vulnerability Timeline

CVE Published

Mar 10, 2026

Patch Available

Mar 11, 2026

Discovered by ZDM

Apr 1, 2026