CVE-2025-21127

Name of the Vulnerable Software and Affected Versions Adobe Photoshop versions 25.12, 26.1 and earlier

Description The issue is related to an Uncontrolled Search Path Element vulnerability that could lead to arbitrary code execution. An attacker could manipulate the search path environment variable to point to a malicious library, resulting in the execution of arbitrary code when the application loads. Exploitation of this issue requires user interaction, as the victim must run the vulnerable application.

Recommendations For Adobe Photoshop versions 25.12, 26.1 and earlier, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting access to the vulnerable node modules to minimize the risk of exploitation. Avoid using the vulnerable application until the issue is resolved.