CVE-2026-34632

Photoshop Installer | CWE-427: Uncontrolled Search Path Element

CVSS 8.2 HIGHEPSS 0.2%CWE-427

Vexday Risk Score

21Bajo

Decisión SSVC (CISA)

Track

Sin señal de explotación → monitorear

CVSS 8.2EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

15 abr 2026Publicada en NVD

Recomendación: Monitorear — sin señal de explotación por ahora.

Adobe Photoshop Installer was affected by an Uncontrolled Search Path Element vulnerability that could have resulted in arbitrary code execution in the context of the current user. A low-privileged local attacker could have exploited this vulnerability by manipulating the search path used by the application to locate critical resources, potentially causing unauthorized code execution. Exploitation of this issue required user interaction in that a user had to be running the installer.

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

Productos afectados

Adobe · Adobe Photoshop Installer

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://cwe.mitre.org/data/definitions/427.html https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2274