Adobe Illustrator versions 24.0.2 and previous versions have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.
Adobe is warning of critical flaws in Adobe Bridge, Adobe Illustrator and the Magento e-commerce platform. If exploited, the most severe vulnerabilities could enable remote code execution on affected systems.
Adobe’s out-of-band security update, released on Tuesday, addressed vulnerabilities tied to 35 CVEs overall (25 of which were critical). The majority of these flaws affect Adobe Bridge (version 10.0.1 and earlier for Windows), the company’s digital asset management software.