Adobe Photoshop Popular Photo Editing Software
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Adobe Photoshop.
Recent Adobe Photoshop Security Advisories
| Advisory | Title | Published |
|---|---|---|
| APSB25-30 | Security updates available for Adobe Photoshop | APSB25-30 | April 8, 2025 |
| APSB25-02 | Security updates available for Adobe Photoshop | APSB25-02 | January 14, 2025 |
| APSB24-101 | Security updates available for Adobe Photoshop | APSB24-101 | December 10, 2024 |
| APSB24-89 | Security updates available for Adobe Photoshop | APSB24-89 | November 12, 2024 |
| APSB24-72 | Security updates available for Adobe Photoshop | APSB24-72 | September 10, 2024 |
| APSB24-49 | Security updates available for Adobe Photoshop | APSB24-49 | August 14, 2024 |
| APSB24-27 | Security updates available for Adobe Photoshop | APSB24-27 | June 13, 2024 |
| APSB24-16 | Security updates available for Adobe Photoshop | APSB24-16 | April 9, 2024 |
| APSB23-56 | Security updates available for Adobe Photoshop | APSB23-56 | November 14, 2023 |
| APSB23-51 | Security updates available for Adobe Photoshop | APSB23-51 | October 10, 2023 |
By the Year
In 2025 there have been 3 vulnerabilities in Adobe Photoshop with an average score of 7.8 out of ten. Last year, in 2024 Photoshop had 9 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, it appears that number of security vulnerabilities in Photoshop in 2025 could surpass last years number. However, the average CVE base score of the vulnerabilities in 2025 is greater by 0.26.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2025 | 3 | 7.80 |
| 2024 | 9 | 7.54 |
| 2023 | 0 | 0.00 |
| 2022 | 1 | 7.80 |
| 2021 | 1 | 7.80 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 1 | 7.50 |
It may take a day or so for new Photoshop vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Adobe Photoshop Security Vulnerabilities
Photoshop Desktop versions 25.12.1, 26.4.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability
CVE-2025-27198
7.8 - High
- April 08, 2025
Photoshop Desktop versions 25.12.1, 26.4.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Heap-based Buffer Overflow
Photoshop Desktop versions 25.12, 26.1 and earlier are affected by an Uncontrolled Search Path Element vulnerability
CVE-2025-21127
7.8 - High
- January 14, 2025
Photoshop Desktop versions 25.12, 26.1 and earlier are affected by an Uncontrolled Search Path Element vulnerability that could lead to arbitrary code execution. An attacker could manipulate the search path environment variable to point to a malicious library, resulting in the execution of arbitrary code when the application loads. Exploitation of this issue requires user interaction in that a victim must run the vulnerable application.
DLL preloading
Photoshop Desktop versions 25.12, 26.1 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability
CVE-2025-21122
7.8 - High
- January 14, 2025
Photoshop Desktop versions 25.12, 26.1 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Integer underflow
Adobe Photoshop Use After Free Vulnerability in File Handling
CVE-2024-52997
7.8 - High
- December 10, 2024
Photoshop Desktop versions 26.0 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Dangling pointer
Photoshop Desktop versions 24.7.3, 25.11 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability
CVE-2024-49514
7.8 - High
- November 12, 2024
Photoshop Desktop versions 24.7.3, 25.11 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Integer underflow
Photoshop Desktop versions 24.7.4, 25.11 and earlier are affected by a Heap-based Buffer Overflow vulnerability
CVE-2024-43756
7.8 - High
- September 13, 2024
Photoshop Desktop versions 24.7.4, 25.11 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Buffer Overflow
Photoshop Desktop versions 24.7.4, 25.11 and earlier are affected by an out-of-bounds write vulnerability
CVE-2024-43760
7.8 - High
- September 13, 2024
Photoshop Desktop versions 24.7.4, 25.11 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Photoshop Desktop versions 24.7.4, 25.11 and earlier are affected by an out-of-bounds write vulnerability
CVE-2024-45108
7.8 - High
- September 13, 2024
Photoshop Desktop versions 24.7.4, 25.11 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Photoshop Desktop versions 24.7.4, 25.11 and earlier are affected by an out-of-bounds write vulnerability
CVE-2024-45109
7.8 - High
- September 13, 2024
Photoshop Desktop versions 24.7.4, 25.11 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Photoshop Desktop versions 24.7.3, 25.9.1 and earlier are affected by a Use After Free vulnerability
CVE-2024-34117
7.8 - High
- August 14, 2024
Photoshop Desktop versions 24.7.3, 25.9.1 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Dangling pointer
Photoshop Desktop versions 24.7.3, 25.7 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file
CVE-2024-20753
7.8 - High
- June 13, 2024
Photoshop Desktop versions 24.7.3, 25.7 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Out-of-bounds Read
Photoshop Desktop versions 24.7.2, 25.3.1 and earlier are affected by an out-of-bounds read vulnerability
CVE-2024-20770
5.5 - Medium
- April 10, 2024
Photoshop Desktop versions 24.7.2, 25.3.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Out-of-bounds Read
Adobe Photoshop versions 22.5.4 (and earlier) and 23.1 (and earlier) are affected by a buffer overflow vulnerability due to insecure handling of a crafted file
CVE-2022-23203
7.8 - High
- February 16, 2022
Adobe Photoshop versions 22.5.4 (and earlier) and 23.1 (and earlier) are affected by a buffer overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file in Photoshop.
Classic Buffer Overflow
Adobe Photoshop versions 21.2.5 (and earlier) and 22.2 (and earlier) are affected by a Memory Corruption vulnerability when parsing a specially crafted file
CVE-2021-21082
7.8 - High
- March 12, 2021
Adobe Photoshop versions 21.2.5 (and earlier) and 22.2 (and earlier) are affected by a Memory Corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Memory Corruption
Adobe Photoshop CC versions 19.1.6 and earlier have an out-of-bounds read vulnerability
CVE-2018-15980
7.5 - High
- November 29, 2018
Adobe Photoshop CC versions 19.1.6 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
Out-of-bounds Read
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Adobe Photoshop or by Adobe? Click the Watch button to subscribe.
