CVE Catalog

CVE-2026-34662

MediumCVSS 5.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.13%

3th percentile - higher than 3% of all known CVEs

Summary

A NULL Pointer Dereference vulnerability in Illustrator versions 29.8.6, 30.3 and earlier could lead to a denial-of-service (DoS) condition via application crash. Exploitation requires user interaction to open a malicious file.

Risk Assessment

The risk involves an attacker potentially causing a crash of Illustrator, disrupting user work and potentially leading to loss of unsaved data.

Recommendation

It is recommended to immediately update Adobe Illustrator to the latest available version that includes a fix for this vulnerability.

Original NVD description (English source)

Illustrator versions 29.8.6, 30.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS