Every CVE whose affected-product data names Adobe Creative Cloud, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (24)
CVE-2018-12829 — CVSS 9.8 (critical): Adobe Creative Cloud Desktop Application before 4.6.1 has an improper certificate validation vulnerability. Successful exploitation could…
CVE-2019-8236 — CVSS 9.8 (critical): Creative Cloud Desktop Application version 4.6.1 and earlier versions have Security Bypass vulnerability. Successful exploitation could…
CVE-2020-9669 — CVSS 9.8 (critical): Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a lack of exploit mitigations vulnerability. Successful exploitation…
CVE-2019-7959 — CVSS 9.8 (critical): Creative Cloud Desktop Application versions 4.6.1 and earlier have a using components with known vulnerabilities vulnerability. Successful…
CVE-2018-4991 — CVSS 9.8 (critical): Adobe Creative Cloud Desktop Application versions 4.4.1.298 and earlier have an exploitable Improper certificate validation vulnerability…
CVE-2019-7958 — CVSS 9.8 (critical): Creative Cloud Desktop Application versions 4.6.1 and earlier have an insecure inherited permissions vulnerability. Successful exploitation…
CVE-2016-1034 — CVSS 9.1 (critical): The Sync Process in the JavaScript API for Creative Cloud Libraries in Adobe Creative Cloud Desktop Application before 3.6.0.244 allows…
CVE-2017-3006 — CVSS 8.8 (high): Adobe Thor versions 3.9.5.353 and earlier have a vulnerability related to the use of improper resource permissions during the installation…
CVE-2023-26358 — CVSS 8.6 (high): Creative Cloud version 5.9.1 (and earlier) is affected by an Untrusted Search Path vulnerability that might allow attackers to execute…
CVE-2018-4992 — CVSS 7.8 (high): Adobe Creative Cloud Desktop Application versions 4.4.1.298 and earlier have an exploitable Improper input validation vulnerability…
CVE-2018-5003 — CVSS 7.8 (high): Adobe Creative Cloud Desktop Application before 4.5.5.342 (installer) has an insecure library loading (dll hijacking) vulnerability…
CVE-2019-7093 — CVSS 7.8 (high): Creative Cloud Desktop Application (installer) versions 4.7.0.400 and earlier have an insecure library loading (dll hijacking)…
CVE-2018-4873 — CVSS 7.8 (high): Adobe Creative Cloud Desktop Application versions 4.4.1.298 and earlier have an exploitable Unquoted Search Path vulnerability. Successful…
CVE-2017-3007 — CVSS 7.8 (high): Adobe Thor versions 3.9.5.353 and earlier have a vulnerability in the directory search path used to find resources, related to Creative…
CVE-2016-6935 — CVSS 7.8 (high): Unquoted Windows search path vulnerability in Adobe Creative Cloud Desktop Application before 3.8.0.310 on Windows allows local users to…
CVE-2019-7957 — CVSS 7.5 (high): Creative Cloud Desktop Application versions 4.6.1 and earlier have a security bypass vulnerability. Successful exploitation could lead to…
CVE-2019-8063 — CVSS 7.5 (high): Creative Cloud Desktop Application 4.6.1 and earlier versions have an insecure transmission of sensitive data vulnerability. Successful…
CVE-2021-28581 — CVSS 7.3 (high): Adobe Creative Cloud Desktop 3.5 (and earlier) is affected by an uncontrolled search path vulnerability that could result in elevation of…
CVE-2016-4158 — CVSS 7.3 (high): Unquoted Windows search path vulnerability in Adobe Creative Cloud Desktop Application before 3.7.0.272 on Windows allows local users to…
CVE-2016-4157 — CVSS 7.3 (high): Untrusted search path vulnerability in the installer in Adobe Creative Cloud Desktop Application before 3.7.0.272 on Windows allows local…
CVE-2020-24422 — CVSS 7.0 (high): Adobe Creative Cloud Desktop Application version 5.2 (and earlier) and 2.1 (and earlier) for Windows is affected by an uncontrolled search…
CVE-2020-3808 — CVSS 5.9 (medium): Creative Cloud Desktop Application versions 5.0 and earlier have a time-of-check to time-of-use (toctou) race condition vulnerability…
CVE-2025-54271 — CVSS 5.6 (medium): Creative Cloud Desktop versions 6.7.0.278 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability…
CVE-2025-64896 — CVSS 5.5 (medium): Creative Cloud Desktop versions 6.4.0.361 and earlier are affected by a Creation of Temporary File in Directory with Incorrect Permissions…