CVE-2026-34632HIGH 8.2EPSS p11.6%

CVE-2026-34632CVE-2026-34632

Description

Adobe Photoshop Installer was affected by an Uncontrolled Search Path Element vulnerability that could have resulted in arbitrary code execution in the context of the current user. A low-privileged local attacker could have exploited this vulnerability by manipulating the search path used by the application to locate critical resources, potentially causing unauthorized code execution. Exploitation of this issue required user interaction in that a user had to be running the installer.

Scoring

CVSS 3.18.2 (HIGH)
VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
EPSS0.21% probability of exploitation · percentile 11.6% · 2026-06-18T12:00:27Z
Published2026-04-15
Last modified2026-04-22

Underlying weaknesses· 1

CWE-427

References

  1. https://cwe.mitre.org/data/definitions/427.html
  2. https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2274

1

TypeTargetConfidenceTier
WeaknessUncontrolled Search Path Elementcwe-4270%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-27290
CVE
CVE-2026-27289
CVE
CVE-2026-21333
CVE
CVE-2026-21280
CVE
CVE-2026-47937
CVE
CVE-2026-34653
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.