Zero Day MonitorZDM

← Back to list

7.8

CVE-2026-27272PATCHED

adobe · illustrator

Illustrator versions 29.8.4, 30.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of thi

Description

Illustrator versions 29.8.4, 30.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Affected Products

Vendor	Product	Versions
adobe	illustrator	< 29.8.5, < 30.2

Also Affects

Downstream vendors/products affected by this vulnerability

Vendor	Product	Source	Confidence
adobe	creative cloud	cert_advisory	90%

References

https://helpx.adobe.com/security/products/illustrator/apsb26-18.html(Vendor Advisory)

Related News (1 articles)

Tier B

BSI Advisories2d ago

[UPDATE] [hoch] Adobe Creative Cloud Applikationen: Mehrere Schwachstellen

→ No new info (linked only)

CVSS 3.17.8 HIGH

VectorCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA KEV❌ No

Actively exploited❌ No

Patch available

29.8.530.2

CWECWE-787

PublishedMar 10, 2026

Last enriched7h ago

Trending Score18

Source articles1

Independent1

Info Completeness9/14

Missing: epss, kev, exploit, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

MEDIUMCVE-2026-3774

Self-Modifications Affecting Altered Printing and Redaction in Foxit PDF Editor

MEDIUMCVE-2026-3778

Stack exhaustion caused by cyclic references in Foxit PDF Editor/Reader

HIGHCVE-2026-27220

Acrobat Reader versions 24.001.30307, 24.001.30308, 25.001.21265 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current

HIGHCVE-2026-27276

Substance3D - Stager versions 3.1.7 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this is

HIGHCVE-2026-27274

Substance3D - Stager versions 3.1.7 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of t

Pin to Dashboard

Verification

State: verified

Confidence: 100%

Vulnerability Timeline

CVE Published

Mar 10, 2026

Patch Available

Mar 11, 2026

Discovered by ZDM

Apr 1, 2026