This vulnerability allows local attackers to escalate privileges on affected installations of Adobe Photoshop. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.3. The following CVEs are assigned: CVE-2025-21127.
United Kingdom, Canada, Philippines
(+62) 81 2345 1234
Opening : Mon-Fri 09:00 – 17:00
Sentinel
ZDI-25-046: Adobe Photoshop node_modules Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
Ready To Start New Project With Intrace?
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua.