Adobe Photoshop Popular Photo Editing Software
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Adobe Photoshop.
Recent Adobe Photoshop Security Advisories
| Advisory | Title | Published |
|---|---|---|
| APSB25-108 | Security updates available for Adobe Photoshop | APSB25-108 | November 11, 2025 |
| APSB25-75 | Security updates available for Adobe Photoshop | APSB25-75 | August 12, 2025 |
| APSB25-40 | Security updates available for Adobe Photoshop | APSB25-40 | May 13, 2025 |
| APSB25-30 | Security updates available for Adobe Photoshop | APSB25-30 | April 8, 2025 |
| APSB25-02 | Security updates available for Adobe Photoshop | APSB25-02 | January 14, 2025 |
| APSB24-101 | Security updates available for Adobe Photoshop | APSB24-101 | December 10, 2024 |
| APSB24-89 | Security updates available for Adobe Photoshop | APSB24-89 | November 12, 2024 |
| APSB24-72 | Security updates available for Adobe Photoshop | APSB24-72 | September 10, 2024 |
| APSB24-49 | Security updates available for Adobe Photoshop | APSB24-49 | August 14, 2024 |
| APSB24-27 | Security updates available for Adobe Photoshop | APSB24-27 | June 13, 2024 |
By the Year
In 2026 there have been 0 vulnerabilities in Adobe Photoshop. Last year, in 2025 Photoshop had 8 security vulnerabilities published. Right now, Photoshop is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 8 | 7.80 |
| 2024 | 9 | 7.54 |
| 2023 | 15 | 6.84 |
| 2022 | 11 | 7.59 |
| 2021 | 2 | 7.80 |
| 2020 | 5 | 0.00 |
| 2019 | 36 | 0.00 |
| 2018 | 1 | 7.50 |
It may take a day or so for new Photoshop vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Adobe Photoshop Security Vulnerabilities
Photoshop Desktop <=26.8.1 Heap Buffer Overflow (CVE-2025-61819)
CVE-2025-61819
7.8 - High
- November 11, 2025
Photoshop Desktop versions 26.8.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Heap-based Buffer Overflow
Photoshop Desktop <26.8 OOB Write in File Parsing
CVE-2025-49570
7.8 - High
- August 12, 2025
Photoshop Desktop versions 25.12.3, 26.8 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Adobe Photoshop Desktop <=26.5 Uninitialized Pointer CVE-2025-30326
CVE-2025-30326
7.8 - High
- May 13, 2025
Photoshop Desktop versions 26.5, 25.12.2 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Access of Uninitialized Pointer
Int Overflow in Adobe Photoshop <=26.5 -> Exec (CVE-2025-30325)
CVE-2025-30325
7.8 - High
- May 13, 2025
Photoshop Desktop versions 26.5, 25.12.2 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Integer Overflow or Wraparound
Adobe Photoshop Desktop <=26.5 Int Underflow—Arbitrary Code Exec
CVE-2025-30324
7.8 - High
- May 13, 2025
Photoshop Desktop versions 26.5, 25.12.2 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Integer underflow
Photoshop Desktop 25.12.1/26.4.1 Heap-BO Vulnerability in File Parser
CVE-2025-27198
7.8 - High
- April 08, 2025
Photoshop Desktop versions 25.12.1, 26.4.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Heap-based Buffer Overflow
Adobe Photoshop to 26.1 Integer Underflow (Wrap) CVE-2025-21122
CVE-2025-21122
7.8 - High
- January 14, 2025
Photoshop Desktop versions 25.12, 26.1 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Integer underflow
Photoshop Desktop Unctrl Search Path Vuln CVE-2025-21127 (pre 27.0)
CVE-2025-21127
7.8 - High
- January 14, 2025
Photoshop Desktop versions 25.12, 26.1 and earlier are affected by an Uncontrolled Search Path Element vulnerability that could lead to arbitrary code execution. An attacker could manipulate the search path environment variable to point to a malicious library, resulting in the execution of arbitrary code when the application loads. Exploitation of this issue requires user interaction in that a victim must run the vulnerable application.
DLL preloading
Adobe Photoshop Use After Free Vulnerability in File Handling
CVE-2024-52997
7.8 - High
- December 10, 2024
Photoshop Desktop versions 26.0 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Dangling pointer
Integer Underflow in Adobe Photoshop Desktop 25.11 (Arbitrary Code Exec)
CVE-2024-49514
7.8 - High
- November 12, 2024
Photoshop Desktop versions 24.7.3, 25.11 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Integer underflow
Adobe Photoshop Desktop OOB Write CVE-2024-45109 <25.11 Exec
CVE-2024-45109
7.8 - High
- September 13, 2024
Photoshop Desktop versions 24.7.4, 25.11 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Adobe Photoshop Desktop OOB Write Vulnerability (25.11)
CVE-2024-45108
7.8 - High
- September 13, 2024
Photoshop Desktop versions 24.7.4, 25.11 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Photoshop OOB Write Arbitrary Code Exec (25.11)
CVE-2024-43760
7.8 - High
- September 13, 2024
Photoshop Desktop versions 24.7.4, 25.11 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Adobe Photoshop Desktop <=25.11 Heap Overflow Arbitrary Code Exec
CVE-2024-43756
7.8 - High
- September 13, 2024
Photoshop Desktop versions 24.7.4, 25.11 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Buffer Overflow
Use-After-Free in Adobe Photoshop Desktop (v24.7.3/25.9.1-) Arbitrary Code Exec
CVE-2024-34117
7.8 - High
- August 14, 2024
Photoshop Desktop versions 24.7.3, 25.9.1 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Dangling pointer
Adobe Photoshop Desktop OOB Read 24.7.3/25.7 Code Exec via Malicious File
CVE-2024-20753
7.8 - High
- June 13, 2024
Photoshop Desktop versions 24.7.3, 25.7 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Out-of-bounds Read
OOB Read in Photoshop Desktop <24.7.2: Sensitive Data Leak
CVE-2024-20770
5.5 - Medium
- April 10, 2024
Photoshop Desktop versions 24.7.2, 25.3.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Out-of-bounds Read
Adobe Photoshop OOB Read in 24.7.1/25.0 via Malicious File
CVE-2023-44333
5.5 - Medium
- November 16, 2023
Adobe Photoshop versions 24.7.1 (and earlier) and 25.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Adobe Photoshop <=25.0 OOB Write CVE-2023-44330
CVE-2023-44330
7.8 - High
- November 16, 2023
Adobe Photoshop versions 24.7.1 (and earlier) and 25.0 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Adobe Photoshop <=25.0 OOB Read CVE-2023-44332
CVE-2023-44332
- November 16, 2023
Adobe Photoshop versions 24.7.1 (and earlier) and 25.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Adobe Photoshop OOB Read <25.0 Disclosure
CVE-2023-44331
5.5 - Medium
- November 16, 2023
Adobe Photoshop versions 24.7.1 (and earlier) and 25.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Adobe Photoshop 24.7.125.0 OOB RA Memory Disclosure
CVE-2023-44334
- November 16, 2023
Adobe Photoshop versions 24.7.1 (and earlier) and 25.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Adobe Photoshop 24.7.1 & 25.0 - OOBR Memory Disclosure & ASLR Bypass
CVE-2023-44335
- November 16, 2023
Adobe Photoshop versions 24.7.1 (and earlier) and 25.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Out-of-bounds Read
Adobe Photoshop AOU-Ptr Vulnerability (24.7)
CVE-2023-26370
7.8 - High
- October 11, 2023
Adobe Photoshop versions 23.5.5 (and earlier) and 24.7 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Access of Uninitialized Pointer
OOB Write in Adobe Photoshop Image Parser (v23.0.2/22.5.4)
CVE-2021-43018
7.8 - High
- September 07, 2023
Adobe Photoshop versions 23.0.2 and 22.5.4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious JPG file.
Memory Corruption
Adobe Photoshop OOB Read CVE-2021-42734 < 22.5.1
CVE-2021-42734
5.5 - Medium
- September 07, 2023
Adobe Photoshop version 22.5.1 ?and earlier?versions???are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Out-of-bounds Read
Adobe Photoshop <24.1.1: Use-After-Free in 23.5.3 Arbitrary Code Execution
CVE-2023-25908
7.8 - High
- March 27, 2023
Adobe Photoshop versions 23.5.3 (and earlier) and 24.1.1 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Dangling pointer
Adobe Photoshop <23.5.3 Improper Input Validation AUC
CVE-2023-21574
7.8 - High
- February 17, 2023
Photoshop version 23.5.3 (and earlier), 24.1 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Improper Input Validation
Adobe Photoshop v23.5.3/24.1 OOB Read Memory Disclosure
CVE-2023-21577
5.5 - Medium
- February 17, 2023
Photoshop version 23.5.3 (and earlier), 24.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Out-of-bounds Read
Adobe Photoshop OOB Write CVE-2023-21576 (v23.5.3/24.1 and earlier)
CVE-2023-21576
7.8 - High
- February 17, 2023
Photoshop version 23.5.3 (and earlier), 24.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Adobe Photoshop OOB Write 23.5.3/24.1 Code Exec via Malicious File
CVE-2023-21575
7.8 - High
- February 17, 2023
Photoshop version 23.5.3 (and earlier), 24.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
OOB Read Disclosure in Adobe Photoshop <=23.5.3/24.1
CVE-2023-21578
5.5 - Medium
- February 17, 2023
Photoshop version 23.5.3 (and earlier), 24.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Out-of-bounds Read
Out-of-Bounds Read in Photoshop 22.5.8/23.4.2 Image Parser
CVE-2022-38430
7.8 - High
- September 16, 2022
Adobe Photoshop versions 22.5.8 (and earlier) and 23.4.2 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Out-of-bounds Read
Adobe Photoshop <22.5.8 & <23.4.2: UninitPtr RCE via Malicious File
CVE-2022-38426
7.8 - High
- September 16, 2022
Adobe Photoshop versions 22.5.8 (and earlier) and 23.4.2 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Access of Uninitialized Pointer
Adobe Photoshop OOB Read via Crafted File (v22.5<22.5.8, v23.4<23.4.2)
CVE-2022-38431
7.8 - High
- September 16, 2022
Adobe Photoshop versions 22.5.8 (and earlier) and 23.4.2 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Out-of-bounds Read
Adobe Photoshop OOB Read 22.5.8/23.4.2
CVE-2022-38429
7.8 - High
- September 16, 2022
Adobe Photoshop versions 22.5.8 (and earlier) and 23.4.2 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Out-of-bounds Read
Adobe Photoshop v22.5.8/23.4.2 UA Vulnerability Disclosure & ASLR Bypass
CVE-2022-38428
5.5 - Medium
- September 16, 2022
Adobe Photoshop versions 22.5.8 (and earlier) and 23.4.2 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Dangling pointer
Adobe Photoshop: Uninitialized Pointer CVE-2022-38427 (22.5.8/23.4.2)
CVE-2022-38427
7.8 - High
- September 16, 2022
Adobe Photoshop versions 22.5.8 (and earlier) and 23.4.2 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Access of Uninitialized Pointer
Adobe Photoshop 22.5.8-23.4.2 Heap BF Vulnerability
CVE-2022-38432
7.8 - High
- September 16, 2022
Adobe Photoshop versions 22.5.8 (and earlier) and 23.4.2 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Adobe Photoshop <22.5.8 & <23.4.2: Heap Overflow Arbitrary Code
CVE-2022-38433
7.8 - High
- September 16, 2022
Adobe Photoshop versions 22.5.8 (and earlier) and 23.4.2 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.sue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Adobe Photoshop UAF in 22.5.8/23.4.2 Arbitrary Code Execution
CVE-2022-38434
7.8 - High
- September 16, 2022
Adobe Photoshop versions 22.5.8 (and earlier) and 23.4.2 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Dangling pointer
OOB Write in Adobe Photoshop <22.5.8/23.4.2 Enables Arbitrary Code Exec
CVE-2022-35713
7.8 - High
- September 16, 2022
Adobe Photoshop versions 22.5.8 (and earlier) and 23.4.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Adobe Photoshop versions 22.5.4 (and earlier) and 23.1 (and earlier) are affected by a buffer overflow vulnerability due to insecure handling of a crafted file
CVE-2022-23203
7.8 - High
- February 16, 2022
Adobe Photoshop versions 22.5.4 (and earlier) and 23.1 (and earlier) are affected by a buffer overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file in Photoshop.
Classic Buffer Overflow
Adobe Photoshop versions 21.2.5 (and earlier) and 22.2 (and earlier) are affected by a Memory Corruption vulnerability when parsing a specially crafted file
CVE-2021-21082
7.8 - High
- March 12, 2021
Adobe Photoshop versions 21.2.5 (and earlier) and 22.2 (and earlier) are affected by a Memory Corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Adobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) are affected by an Out-of-bounds Write vulnerability
CVE-2021-21047
- February 11, 2021
Adobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) are affected by an Out-of-bounds Write vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an out-of-bounds write vulnerability
CVE-2020-9687
- July 22, 2020
Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .
Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an out-of-bounds read vulnerability
CVE-2020-9686
- July 22, 2020
Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an out-of-bounds read vulnerability. Successful exploitation could lead to arbitrary code execution.
Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an out-of-bounds write vulnerability
CVE-2020-9685
- July 22, 2020
Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .
Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an out-of-bounds write vulnerability
CVE-2020-9684
- July 22, 2020
Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .
Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an out-of-bounds read vulnerability
CVE-2020-9683
- July 22, 2020
Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an out-of-bounds read vulnerability. Successful exploitation could lead to arbitrary code execution.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Adobe Photoshop or by Adobe? Click the Watch button to subscribe.
