Photoshop Out-of-Bounds Read: RCE Risk for Desktop Users

/HIGH
SCW vulnerabilitycvehigh-severityout-of-bounds-1cwe-125
Photoshop Out-of-Bounds Read: RCE Risk for Desktop Users

The National Vulnerability Database has flagged a critical out-of-bounds read vulnerability, identified as CVE-2026-27289, affecting Adobe Photoshop Desktop versions 27.4 and earlier. This flaw arises when the software attempts to parse a specially crafted file, leading to a read operation beyond the allocated memory structure. The implications are significant: a successful exploit could enable an attacker to execute arbitrary code within the context of the current user.

While the CVSS score of 7.8 (HIGH) paints a grim picture, it’s worth noting that exploitation isn’t entirely silent. According to the National Vulnerability Database, user interaction is a prerequisite; a victim must actively open a malicious file for the attack to succeed. This means social engineering or phishing tactics would likely be involved to trick users into opening the booby-trapped file. The underlying weakness is categorized as CWE-125, a common vulnerability class related to out-of-bounds reads.

Related ATT&CK Techniques

T1204.002 Malicious File Initial Access T1566.002 Spearphishing Attachment Initial Access T1190 Exploit Public-Facing Application Initial Access

🛡️ Detection Rules

6 rules · 5 SIEM formats

6 auto-generated detection rules for this incident, mapped to MITRE ATT&CK. Available in Sigma, Splunk SPL, Sentinel KQL, Elastic Lucene, and QRadar AQL.

medium T1204.002 Initial Access

Suspicious File Download via Email

Sigma Splunk SPL Sentinel KQL Elastic QRadar AQL

Get this rule in your SIEM's native format — copy, paste, detect. No manual conversion.

6 Sigma rules mapped to the ATT&CK techniques from this breach — pick your SIEM and get a ready-to-paste query.

Get Detection Rules →

Indicators of Compromise

IDTypeIndicator
CVE-2026-27289 RCE Adobe Photoshop Desktop version 27.4 and earlier
CVE-2026-27289 Memory Corruption Out-of-bounds read when parsing a crafted file

By Shimi's Cyber World Editorial

Related Posts

Critical RCE Flaw Hits NuGet Gallery Backend

CVE-2026-39399 — NuGet Gallery is a package repository that powers nuget.org. A security vulnerability exists in the NuGetGallery backend job’s handling of .nuspec files within...

vulnerabilityCVEcriticalhigh-severityremote-code-executioncwe-20cwe-22
/CRITICAL /⚑ 4 IOCs

BoidCMS LFI to RCE: A Critical Template Flaw

CVE-2026-39387 — BoidCMS is an open-source, PHP-based flat-file CMS for building simple websites and blogs, using JSON as its database. Versions prior to 2.1.3 are...

vulnerabilityCVEhigh-severityremote-code-executioncwe-98
/HIGH /⚑ 4 IOCs

Nanobot AI: WebSocket Hijack Puts WhatsApp Sessions at Risk

CVE-2026-35589 — nanobot is a personal AI assistant. Versions prior to 0.1.5 contain a Cross-Site WebSocket Hijacking (CSWSH) vulnerability exists in the bridge's WebSocket server...

vulnerabilityCVEhigh-severitycwe-1385
/HIGH /⚑ 5 IOCs