Adobe Creative Cloud Desktop Application The desktop client for Adobe Creative Cloud
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Adobe Creative Cloud Desktop Application.
Recent Adobe Creative Cloud Desktop Application Security Advisories
| Advisory | Title | Published |
|---|---|---|
| APSB25-120 | Security update available for Adobe Creative Cloud Desktop Application | APSB25-120 | December 9, 2025 |
| APSB25-95 | Security update available for Adobe Creative Cloud Desktop Application | APSB25-95 | October 14, 2025 |
| APSB24-44 | Security update available for Adobe Creative Cloud Desktop Application | APSB24-44 | June 11, 2024 |
| APSB23-21 | Security update available for Adobe Creative Cloud Desktop Application | APSB23-21 | March 14, 2023 |
| APSB22-11 | Security update available for Adobe Creative Cloud Desktop Application | APSB21-18 APSB22-11 | February 8, 2022 |
| APSB21-111 | Security update available for Adobe Creative Cloud Desktop Application | APSB21-18 APSB21-111 | November 9, 2021 |
| APSB21-76 | Security update available for Adobe Creative Cloud Desktop Application | APSB21-18 APSB21-76 | September 14, 2021 |
| APSB21-41 | Security update available for Adobe Creative Cloud Desktop Application | APSB21-18 APSB21-41 | June 8, 2021 |
| APSB21-31 | Security update available for Adobe Creative Cloud Desktop Application | APSB21-18 APSB21-31 | May 12, 2021 |
| APSB21-18 | Security update available for Adobe Creative Cloud Desktop Application | APSB21-18 | March 26, 2021 |
By the Year
In 2026 there have been 0 vulnerabilities in Adobe Creative Cloud Desktop Application. Last year, in 2025 Creative Cloud Desktop Application had 2 security vulnerabilities published. Right now, Creative Cloud Desktop Application is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 2 | 5.55 |
| 2024 | 1 | 7.10 |
| 2023 | 1 | 7.80 |
| 2022 | 1 | 7.00 |
| 2021 | 3 | 6.67 |
| 2020 | 5 | 7.80 |
| 2019 | 4 | 0.00 |
| 2018 | 4 | 9.13 |
It may take a day or so for new Creative Cloud Desktop Application vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Adobe Creative Cloud Desktop Application Security Vulnerabilities
Adobe CC Desktop <6.4.0.361 Temp File DoS via Privileged Permissions
CVE-2025-64896
5.5 - Medium
- December 09, 2025
Creative Cloud Desktop versions 6.4.0.361 and earlier are affected by a Creation of Temporary File in Directory with Incorrect Permissions vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to disrupt the application's functionality by manipulating temporary files. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Creation of Temporary File in Directory with Insecure Permissions
Creative Cloud Desktop <6.7.0.278 TOCTOU fs write vulnerability
CVE-2025-54271
5.6 - Medium
- October 15, 2025
Creative Cloud Desktop versions 6.7.0.278 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could lead to arbitrary file system write. A low-privileged attacker could exploit the timing between the check and use of a resource, potentially allowing unauthorized modifications to files. Exploitation of this issue does not require user interaction.
TOCTTOU
Adobe CC Desktop 6.1.0.587 Uncontrolled Search Path CVE-2024-34116
CVE-2024-34116
7.1 - High
- June 13, 2024
Creative Cloud Desktop versions 6.1.0.587 and earlier are affected by an Uncontrolled Search Path Element vulnerability that could result in a security feature bypass. An attacker could exploit this vulnerability to load and execute malicious libraries, leading to arbitrary file delete. Exploitation of this issue requires user interaction.
DLL preloading
Adobe CC 5.9.1 Untrusted Search Path Exec Vulnerability
CVE-2023-26358
7.8 - High
- March 22, 2023
Creative Cloud version 5.9.1 (and earlier) is affected by an Untrusted Search Path vulnerability that might allow attackers to execute their own programs, access unauthorized data files, or modify configuration in unexpected ways. If the application uses a search path to locate critical resources such as programs, then an attacker could modify that search path to point to a malicious program, which the targeted application would then execute. The problem extends to any type of critical resource that the application trusts.
Untrusted Path
Adobe Creative Cloud Desktop version 2.7.0.13 (and earlier) is affected by an Uncontrolled Search Path Element vulnerability
CVE-2022-23202
7 - High
- February 16, 2022
Adobe Creative Cloud Desktop version 2.7.0.13 (and earlier) is affected by an Uncontrolled Search Path Element vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must download a malicious DLL file. The attacker has to deliver the DLL on the same folder as the installer which makes it as a high complexity attack vector.
DLL preloading
Adobe Creative Cloud Desktop Application (installer) version 2.4 (and earlier) is affected by an Uncontrolled Search Path Element vulnerability
CVE-2021-28594
7.8 - High
- August 24, 2021
Adobe Creative Cloud Desktop Application (installer) version 2.4 (and earlier) is affected by an Uncontrolled Search Path Element vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
DLL preloading
Adobe Creative Cloud Desktop Application (installer) version 2.4 (and earlier) is affected by an Insecure temporary file creation vulnerability
CVE-2021-28633
6.1 - Medium
- August 24, 2021
Adobe Creative Cloud Desktop Application (installer) version 2.4 (and earlier) is affected by an Insecure temporary file creation vulnerability. An attacker could leverage this vulnerability to cause arbitrary file overwriting in the context of the current user. Exploitation of this issue requires physical interaction to the system.
Exposure of Resource to Wrong Sphere
Adobe Creative Cloud Desktop Application version 5.3 (and earlier) is affected by a file handling vulnerability
CVE-2021-21068
6.1 - Medium
- March 12, 2021
Adobe Creative Cloud Desktop Application version 5.3 (and earlier) is affected by a file handling vulnerability that could allow an attacker to cause arbitrary file overwriting. Exploitation of this issue requires physical access and user interaction.
Creation of Temporary File in Directory with Insecure Permissions
Adobe Creative Cloud Desktop Application version 5.2 (and earlier) and 2.1 (and earlier) for Windows is affected by an uncontrolled search path vulnerability
CVE-2020-24422
7.8 - High
- October 21, 2020
Adobe Creative Cloud Desktop Application version 5.2 (and earlier) and 2.1 (and earlier) for Windows is affected by an uncontrolled search path vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
DLL preloading
Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a symlink vulnerability vulnerability
CVE-2020-9682
- July 17, 2020
Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a symlink vulnerability vulnerability. Successful exploitation could lead to arbitrary file system write.
Adobe Creative Cloud Desktop Application versions 5.1 and earlier have an insecure file permissions vulnerability
CVE-2020-9671
- July 17, 2020
Adobe Creative Cloud Desktop Application versions 5.1 and earlier have an insecure file permissions vulnerability. Successful exploitation could lead to privilege escalation.
Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a symlink vulnerability vulnerability
CVE-2020-9670
- July 17, 2020
Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a symlink vulnerability vulnerability. Successful exploitation could lead to privilege escalation.
Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a lack of exploit mitigations vulnerability
CVE-2020-9669
- July 17, 2020
Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a lack of exploit mitigations vulnerability. Successful exploitation could lead to privilege escalation.
Creative Cloud Desktop Application versions 4.6.1 and earlier have a security bypass vulnerability
CVE-2019-7957
- August 16, 2019
Creative Cloud Desktop Application versions 4.6.1 and earlier have a security bypass vulnerability. Successful exploitation could lead to denial of service.
Creative Cloud Desktop Application versions 4.6.1 and earlier have an insecure inherited permissions vulnerability
CVE-2019-7958
- August 16, 2019
Creative Cloud Desktop Application versions 4.6.1 and earlier have an insecure inherited permissions vulnerability. Successful exploitation could lead to privilege escalation.
Creative Cloud Desktop Application versions 4.6.1 and earlier have a using components with known vulnerabilities vulnerability
CVE-2019-7959
- August 16, 2019
Creative Cloud Desktop Application versions 4.6.1 and earlier have a using components with known vulnerabilities vulnerability. Successful exploitation could lead to arbitrary code execution.
Creative Cloud Desktop Application 4.6.1 and earlier versions have an insecure transmission of sensitive data vulnerability
CVE-2019-8063
- August 16, 2019
Creative Cloud Desktop Application 4.6.1 and earlier versions have an insecure transmission of sensitive data vulnerability. Successful exploitation could lead to information leakage.
Adobe Creative Cloud Desktop Application before 4.6.1 has an improper certificate validation vulnerability
CVE-2018-12829
9.8 - Critical
- August 29, 2018
Adobe Creative Cloud Desktop Application before 4.6.1 has an improper certificate validation vulnerability. Successful exploitation could lead to privilege escalation.
Improper Certificate Validation
Adobe Creative Cloud Desktop Application versions 4.4.1.298 and earlier have an exploitable Improper input validation vulnerability
CVE-2018-4992
7.8 - High
- May 19, 2018
Adobe Creative Cloud Desktop Application versions 4.4.1.298 and earlier have an exploitable Improper input validation vulnerability. Successful exploitation could lead to local privilege escalation.
Improper Input Validation
Adobe Creative Cloud Desktop Application versions 4.4.1.298 and earlier have an exploitable Improper certificate validation vulnerability
CVE-2018-4991
9.8 - Critical
- May 19, 2018
Adobe Creative Cloud Desktop Application versions 4.4.1.298 and earlier have an exploitable Improper certificate validation vulnerability. Successful exploitation could lead to a security bypass.
Improper Certificate Validation
Adobe Creative Cloud Desktop Application versions 4.4.1.298 and earlier have an exploitable Unquoted Search Path vulnerability
CVE-2018-4873
- May 19, 2018
Adobe Creative Cloud Desktop Application versions 4.4.1.298 and earlier have an exploitable Unquoted Search Path vulnerability. Successful exploitation could lead to local privilege escalation.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Adobe Creative Cloud Desktop Application or by Adobe? Click the Watch button to subscribe.
