CVE-2026-34632 | THREATINT

Description

Adobe Photoshop Installer was affected by an Uncontrolled Search Path Element vulnerability that could have resulted in arbitrary code execution in the context of the current user. A low-privileged local attacker could have exploited this vulnerability by manipulating the search path used by the application to locate critical resources, potentially causing unauthorized code execution. Exploitation of this issue required user interaction in that a user had to be running the installer.

PUBLISHED Reserved 2026-03-30 | Published 2026-04-15 | Updated 2026-04-22 | Assigner adobe

HIGH: 8.2CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

Problem types

CWE-427: Uncontrolled Search Path Element

Product status

Default status

unaffected

Any version

affected

References

www.talosintelligence.com/...ability_reports/TALOS-2025-2274

cwe.mitre.org/data/definitions/427.html

cve.org (CVE-2026-34632)

nvd.nist.gov (CVE-2026-34632)

Download JSON