CVE-2026-48336 PUBLISHED

Illustrator | Out-of-bounds Write (CWE-787)

Assigner: adobe
Reserved: 21.05.2026 Published: 14.07.2026 Updated: 15.07.2026

Illustrator is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Metrics

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS Score: 7.8

Product Status

Vendor Adobe
Product Illustrator Desktop 2026
Versions Default: affected
  • affected from 0 to 30.5 (incl.)
  • Version 30.6 is unaffected
Vendor Adobe
Product Illustrator Desktop 2025
Versions Default: affected
  • affected from 0 to 29.8.7 (incl.)
  • Version 29.8.9 is unaffected

References

Problem Types

  • Out-of-bounds Write (CWE-787) CWE