Adobe After Effects
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Adobe After Effects.
By the Year
In 2025 there have been 9 vulnerabilities in Adobe After Effects with an average score of 6.0 out of ten. Last year, in 2024 After Effects had 13 security vulnerabilities published. Right now, After Effects is on track to have less security vulnerabilities in 2025 than it did last year. Last year, the average CVE base score was greater by 0.73
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2025 | 9 | 6.01 |
| 2024 | 13 | 6.74 |
| 2023 | 4 | 7.23 |
| 2022 | 0 | 0.00 |
| 2021 | 1 | 7.80 |
| 2020 | 1 | 9.80 |
| 2019 | 1 | 7.80 |
It may take a day or so for new After Effects vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Adobe After Effects Security Vulnerabilities
Adobe After Effects OOB Read (cve-2025-43587) before 25.2, 24.6.6
CVE-2025-43587
5.5 - Medium
- July 08, 2025
After Effects versions 25.2, 24.6.6 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Out-of-bounds Read
Adobe AE 25.2/24.6.6 NULL Pointer Deref DoS
CVE-2025-47109
5.5 - Medium
- July 08, 2025
After Effects versions 25.2, 24.6.6 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption to services. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
NULL Pointer Dereference
Adobe AE OOB Write CVE-2025-27182 25.1/24.6.4&prior Code Exec
CVE-2025-27182
7.8 - High
- April 08, 2025
After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
After Effects <=25.1 OOB Write => Arbitrary Code Exec
CVE-2025-27183
7.8 - High
- April 08, 2025
After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Adobe After Effects 25.1 OOB Read Vulnerability
CVE-2025-27184
5.5 - Medium
- April 08, 2025
After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Out-of-bounds Read
NULL Ptr Deref in After Effects <25.2 Causes DoS (User-Interaction Required)
CVE-2025-27185
5.5 - Medium
- April 08, 2025
After Effects versions 25.1, 24.6.4 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
NULL Pointer Dereference
Adobe After Effects OOB Read in File Parser before v25.2
CVE-2025-27186
5.5 - Medium
- April 08, 2025
After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Out-of-bounds Read
Adobe AE <=24.6.4/25.1 OOB Read Exposing Sensitive Memory
CVE-2025-27187
5.5 - Medium
- April 08, 2025
After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Out-of-bounds Read
Adobe After Effects OOB Read Vulnerability (v <25.2)
CVE-2025-27204
5.5 - Medium
- April 08, 2025
After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Out-of-bounds Read
Adobe After Effects Stack-based Buffer Overflow Vulnerability
CVE-2024-49537
7.8 - High
- December 10, 2024
After Effects versions 24.6.2, 25.0.1 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Adobe After Effects Out-of-Bounds Write Vulnerability
CVE-2024-47441
7.8 - High
- November 12, 2024
After Effects versions 23.6.9, 24.6.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Adobe After Effects Out-of-Bounds Write Vulnerability
CVE-2024-47442
7.8 - High
- November 12, 2024
After Effects versions 23.6.9, 24.6.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Adobe After Effects Out-of-Bounds Write Vulnerability
CVE-2024-47443
7.8 - High
- November 12, 2024
After Effects versions 23.6.9, 24.6.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Adobe After Effects Out-of-Bounds Read Vulnerability
CVE-2024-47444
5.5 - Medium
- November 12, 2024
After Effects versions 23.6.9, 24.6.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Out-of-bounds Read
Adobe After Effects Out-of-Bounds Read Vulnerability
CVE-2024-47445
5.5 - Medium
- November 12, 2024
After Effects versions 23.6.9, 24.6.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Out-of-bounds Read
Adobe After Effects Out-of-Bounds Read Vulnerability
CVE-2024-47446
5.5 - Medium
- November 12, 2024
After Effects versions 23.6.9, 24.6.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Out-of-bounds Read
Adobe After Effects Heap Buffer Overflow before 24.5 (CVE-2024-39380)
CVE-2024-39380
7.8 - High
- September 13, 2024
After Effects versions 23.6.6, 24.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Buffer Overflow
Adobe After Effects OOB Write 24.5 Causing Arbitrary Code Exec
CVE-2024-39381
7.8 - High
- September 13, 2024
After Effects versions 23.6.6, 24.5 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Adobe After Effects OOB read in 23.6.6/24.5 (CVE-2024-39382)
CVE-2024-39382
5.5 - Medium
- September 13, 2024
After Effects versions 23.6.6, 24.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Out-of-bounds Read
Adobe After Effects OOB Write in File Parser UE 23.6.6/24.5
CVE-2024-41859
7.8 - High
- September 13, 2024
After Effects versions 23.6.6, 24.5 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Adobe After Effects OOB Read pre-24.5 ASLR Bypass Vulnerability
CVE-2024-41867
5.5 - Medium
- September 13, 2024
After Effects versions 23.6.6, 24.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Out-of-bounds Read
OOB Read in Adobe AE 24.1 (CVE202420737)
CVE-2024-20737
5.5 - Medium
- April 10, 2024
After Effects versions 24.1, 23.6.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Out-of-bounds Read
Adobe After Effects OOB Write CVE-2023-48632 (before v24.0.3 & v23.6.0)
CVE-2023-48632
7.8 - High
- December 13, 2023
Adobe After Effects versions 24.0.3 (and earlier) and 23.6.0 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Adobe After Effects UAF before 24.0.3 / 23.6.0 leads to Code Exec
CVE-2023-48633
7.8 - High
- December 13, 2023
Adobe After Effects versions 24.0.3 (and earlier) and 23.6.0 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Dangling pointer
Adobe AE 24.0.3/23.6.0 Improper Input Validation Arbitrary Code Exec
CVE-2023-48634
7.8 - High
- December 13, 2023
Adobe After Effects versions 24.0.3 (and earlier) and 23.6.0 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Adobe After Effects 24.0.3 OOB Read Bypass ASLR
CVE-2023-48635
5.5 - Medium
- December 13, 2023
Adobe After Effects versions 24.0.3 (and earlier) and 23.6.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Out-of-bounds Read
Adobe After Effects version 18.2.1 (and earlier) is affected by an out-of-bounds Write vulnerability when parsing a specially crafted file
CVE-2021-35993
7.8 - High
- September 02, 2021
Adobe After Effects version 18.2.1 (and earlier) is affected by an out-of-bounds Write vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Adobe After Effects versions 16.1.2 and earlier have an out-of-bounds write vulnerability
CVE-2020-3765
9.8 - Critical
- February 20, 2020
Adobe After Effects versions 16.1.2 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.
Memory Corruption
Adobe After Effects versions 16 and earlier have an insecure library loading (dll hijacking) vulnerability
CVE-2019-8062
7.8 - High
- August 14, 2019
Adobe After Effects versions 16 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to arbitrary code execution.
DLL preloading
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Adobe After Effects or by Adobe? Click the Watch button to subscribe.
