Cyber Resilience

CVE-2026-34632

High

Published: 15 April 2026

Modified: 22 April 2026
CVSS Score v3.1: 8.2 (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H)
EPSS Score: 0.0021 (11.6th percentile)
Risk Priority: 55 (floored blend · peak EPSS)

Summary

CVE-2026-34632 is a high-severity Uncontrolled Search Path Element (CWE-427) vulnerability in Mitre (inferred from references). Its CVSS base score is 8.2 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Path Interception by Search Order Hijacking (T1574.008). The CVE ranks at the 11.6th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 CM-6 (Configuration Settings) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2026-34632 is an Uncontrolled Search Path Element vulnerability (CWE-427) affecting the Adobe Photoshop Installer. This flaw allows arbitrary code execution in the context of the current user by enabling manipulation of the search path the application uses to locate critical resources. The vulnerability carries a CVSS v3.1 base score of 8.2 (AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H) and was published on 2026-04-15.

A low-privileged local attacker can exploit this issue, but only with user interaction: a user must run the installer. By manipulating the search path, the attacker can cause the application to execute unauthorized code, potentially leading to full compromise of the user's session with high confidentiality, integrity, and availability impacts. The vector also marks the scope as changed (S:C), meaning the impact extends beyond the vulnerable component itself.

For mitigation details, refer to the CWE-427 definition at https://cwe.mitre.org/data/definitions/427.html and the Talos Intelligence advisory TALOS-2025-2274 at https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2274.

Vulnerability details

Adobe Photoshop Installer was affected by an Uncontrolled Search Path Element vulnerability that could have resulted in arbitrary code execution in the context of the current user. A low-privileged local attacker could have exploited this vulnerability by manipulating the search path used by the application to locate critical resources, potentially causing unauthorized code execution. Exploitation of this issue required user interaction in that a user had to be running the installer.

Related Threats

MITRE ATT&CK Enterprise Techniques AI

T1574.008 Path Interception by Search Order Hijacking (Stealth)
Adversaries may execute their own malicious payloads by hijacking the search order used to load other programs.
Why these techniques?

The vulnerability is an uncontrolled search path element (CWE-427) in the Adobe Photoshop Installer that allows manipulation of the search path for critical resources to achieve arbitrary code execution; this directly maps to path interception by search order hijacking.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-5271 (shared CWE-427)
CVE-2025-33208 (shared CWE-427)
CVE-2026-34054 (shared CWE-427)
CVE-2024-53977 (shared CWE-427)
CVE-2025-25003 (shared CWE-427)
CVE-2026-7279 (shared CWE-427)
CVE-2024-9498 (shared CWE-427)
CVE-2024-9495 (shared CWE-427)
CVE-2024-57963 (shared CWE-427)
CVE-2026-24502 (shared CWE-427)

Affected Assets

Mitre
inferred from references and description; NVD did not file a CPE for this CVE

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly mitigates the uncontrolled search path vulnerability by identifying, reporting, and correcting the flaw in the Adobe Photoshop Installer through timely patching.

prevent

Enforces secure configuration settings for DLL search order and PATH environment variables, such as enabling Safe DLL Search Mode, to prevent loading of malicious code from manipulated paths.

prevent, detect

Deploys malicious code protection mechanisms to scan and block execution of unauthorized DLLs placed by a low-privileged attacker in searched paths during installer execution.

References