Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.6
Illustrator versions 29.8.4 and 30.1 may allow code to run on your computer
CVE-2026-21333
Summary
Adobe Illustrator versions 29.8.4 and 30.1 have a security weakness that could let hackers run malicious code on your computer if you open a special kind of file. This requires you to interact with the file, like opening it. You should update Illustrator to the latest version to fix this issue.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| adobe | illustrator | > 29.0 , <= 29.8.5 | – |
| adobe | illustrator | > 30.0 , <= 30.2 | – |
Original title
Illustrator versions 29.8.4, 30.1 and earlier are affected by an Untrusted Search Path vulnerability that might allow attackers to execute arbitrary code in the context of the current user. Exploit...
Original description
Illustrator versions 29.8.4, 30.1 and earlier are affected by an Untrusted Search Path vulnerability that might allow attackers to execute arbitrary code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
nvd CVSS3.1
8.6
Vulnerability type
CWE-426
Published: 10 Mar 2026 · Updated: 13 Mar 2026 · First seen: 10 Mar 2026