Adobe Illustrator <29.8.6/30.3 NULL Pointer Deref DoS
CVE-2026-34662 Published on May 12, 2026

Illustrator | NULL Pointer Dereference (CWE-476)
Illustrator versions 29.8.6, 30.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Vendor Advisory NVD

Vulnerability Analysis

Attack Vector:

ADJACENT_NETWORK

Attack Complexity:

LOW

Privileges Required:

NONE

User Interaction:

REQUIRED

Scope:

UNCHANGED

Confidentiality Impact:

LOW

Integrity Impact:

LOW

Availability Impact:

LOW

Weakness Type

NULL Pointer Dereference

A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit. NULL pointer dereference issues can occur through a number of flaws, including race conditions, and simple programming omissions.

Products Associated with CVE-2026-34662

Want to know whenever a new CVE is published for Adobe Illustrator? stack.watch will email you.

Adobe Illustrator

Affected Versions

Adobe Illustrator: