Cyber Resilience

CVE-2026-21333

High · LPE

Published: 10 March 2026

Modified: 11 March 2026
KEV Added
Patch
CVSS Score v3.1: 8.6 (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H)
EPSS Score: 0.0016 (5.7th percentile)
Risk Priority: 55 (floored blend · peak EPSS)

Summary

CVE-2026-21333 is a high-severity Untrusted Search Path (CWE-426) vulnerability in Adobe Illustrator. Its CVSS base score is 8.6 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique DLL (T1574.001). The CVE ranks at the 5.7th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 RA-5 (Vulnerability Monitoring and Scanning) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2026-21333 is an Untrusted Search Path vulnerability (CWE-426) affecting Adobe Illustrator versions 29.8.4, 30.1, and earlier. Published on 2026-03-10T23:16:43.400, the issue carries a CVSS v3.1 base score of 8.6 (AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H). It might allow attackers to execute arbitrary code in the context of the current user upon opening a malicious file.

The attack requires local access with low complexity and no attacker privileges, but depends on user interaction as the victim must open a malicious file. Successful exploitation enables arbitrary code execution under the current user's context, with high impacts to confidentiality, integrity, and availability, amplified by a change in scope.

Adobe's security bulletin APSB26-18, available at https://helpx.adobe.com/security/products/illustrator/apsb26-18.html, details mitigations and patches for this vulnerability.

Vulnerability details

Illustrator versions 29.8.4, 30.1 and earlier are affected by an Untrusted Search Path vulnerability that might allow attackers to execute arbitrary code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Related Threats

MITRE ATT&CK Enterprise Techniques AI

T1574.001 DLL · Stealth
Adversaries may abuse dynamic-link library files (DLLs) in order to achieve persistence, escalate privileges, and evade defenses.

T1204.002 Malicious File · Execution
An adversary may rely upon a user opening a malicious file in order to gain execution.

Why these techniques?

Untrusted Search Path (CWE-426) directly enables DLL Search Order Hijacking / Side-Loading (T1038/T1574.002) upon user opening a malicious file (T1204.002).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-27267 · Same product: Adobe Illustrator
CVE-2026-21362 · Same product: Adobe Illustrator
CVE-2026-27272 · Same product: Adobe Illustrator
CVE-2026-27271 · Same product: Adobe Illustrator
CVE-2025-27167 · Same product: Adobe Illustrator
CVE-2026-21280 · Same product: Adobe Illustrator
CVE-2026-27290 · Same product: Microsoft Windows
CVE-2026-34618 · Same product: Adobe Illustrator
CVE-2025-21160 · Same product: Adobe Illustrator
CVE-2026-34687 · Same product: Adobe Illustrator

Affected Assets

adobe
illustrator
29.0 — 29.8.5 · 30.0 — 30.2

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly mitigates the untrusted search path vulnerability by requiring timely patching of affected Adobe Illustrator versions as detailed in APSB26-18.

detect

Enables scanning and identification of vulnerable Illustrator versions exposed to the CVE-2026-21333 untrusted search path flaw.

prevent · detect

Deploys malicious code protection to scan and block arbitrary code execution from malicious DLLs loaded via untrusted search paths when opening files.
