=====================================================================

                            CERT-Renater

                 Information Note No. 2026/VULN295
_____________________________________________________________________

DATE                : 12/03/2026

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running Adobe Illustrator versions
                                prior to 29.8.5, 30.2.

=====================================================================
https://helpx.adobe.com/security/products/illustrator/apsb26-18.html
_____________________________________________________________________


Adobe Security Bulletin
Last updated on Mar 11, 2026

Security Updates Available for Adobe Illustrator | APSB26-18

Bulletin ID    Date Published    Priority

APSB26-18     March 10, 2026     3


Summary

Adobe has released an update for Adobe Illustrator. This update
resolves important and critical vulnerabilities that could lead to
arbitrary code execution and memory exposure.

Adobe is not aware of any exploits in the wild for any of the issues
addressed in these updates.


Affected Versions

Product              Version              Platform

Illustrator 2025    29.8.4 and earlier    Windows

Illustrator 2026    30.1 and earlier      Windows



Solution

Adobe categorizes these updates with the following priority ratings
and recommends users update their installation to the newest version
via the Creative Cloud desktop app's update mechanism. For more
information, please reference this help page.

Product            Version            Platform            Priority   Availability

Illustrator 2025   29.8.5 and above   Windows and macOS   3          Download Page

Illustrator 2026   30.2 and above     Windows and macOS   3          Download Page


Vulnerability Details

Vulnerability Category   Vulnerability Impact   Severity
CVSS base score   CVSS vector   CVE Numbers

Untrusted Search Path (CWE-426)   Arbitrary code execution   Critical
8.6   CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H   CVE-2026-21333

Out-of-bounds Write (CWE-787)   Arbitrary code execution   Critical
7.8   CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H   CVE-2026-21362

Heap-based Buffer Overflow (CWE-122)   Arbitrary code execution   Critical
7.8   CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H   CVE-2026-27271

Out-of-bounds Write (CWE-787)   Arbitrary code execution   Critical
7.8   CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/   CVE-2026-27272

Stack-based Buffer Overflow (CWE-121)   Arbitrary code execution   Critical
7.8   CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H   CVE-2026-27267

Out-of-bounds Read (CWE-125)   Memory exposure   Important
5.5   CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N   CVE-2026-27268

Out-of-bounds Read (CWE-125)   Memory exposure   Important
5.5   CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N   CVE-2026-27270


Acknowledgments

Adobe would like to thank the following researchers for reporting
these issues and for working with Adobe to help protect our
customers:

    jony_juice -- CVE-2026-21333
    Francis Provencher (prl) -- CVE-2026-21362, CVE-2026-27267,
        CVE-2026-27268, CVE-2026-27270, CVE-2026-27271, CVE-2026-27272

NOTE: Adobe has a public bug bounty program with HackerOne. If
you are interested in working with Adobe as an external security
researcher, please check out https://hackerone.com/adobe.

For more information, visit https://helpx.adobe.com/security.html,
or email PSIRT@adobe.com.


=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================




