Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.8
Illustrator: Malicious files can run code on your computer
CVE-2026-27271
Summary
Illustrator versions 29.8.4 and 30.1 and earlier are vulnerable to a serious security issue. If you open a malicious file, it could allow an attacker to run code on your computer with your permissions. Update to the latest version to fix this issue.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| adobe | illustrator | > 29.0 , <= 29.8.5 | – |
| adobe | illustrator | > 30.0 , <= 30.2 | – |
Original title
Illustrator versions 29.8.4, 30.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitati...
Original description
Illustrator versions 29.8.4, 30.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
nvd CVSS3.1
7.8
Vulnerability type
CWE-122
Heap-based Buffer Overflow
Published: 10 Mar 2026 · Updated: 13 Mar 2026 · First seen: 10 Mar 2026