CVE-2025-49568: 
Adobe Illustrator vulnerability analysis and mitigation

Adobe Illustrator versions 28.7.8, 29.6.1 and earlier are affected by a Use After Free vulnerability identified as CVE-2025-49568. The vulnerability was disclosed on August 12, 2025, and requires user interaction through opening a malicious file to be exploited. The affected systems include both Windows and macOS operating systems running the specified versions of Adobe Illustrator (NVD).

The vulnerability is classified as a Use After Free (CWE-416) issue that could potentially expose sensitive memory information. The vulnerability has received a CVSS 3.1 Base Score of 5.5 (MEDIUM) with the following vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N. This indicates that the vulnerability requires local access and user interaction, with potential high impact on confidentiality but no impact on integrity or availability (NVD).

The successful exploitation of this vulnerability could lead to the disclosure of sensitive memory information. The vulnerability specifically affects the confidentiality of the system, with no direct impact on system integrity or availability (Rapid7).

Adobe has released security updates to address this vulnerability. Users are advised to update their Adobe Illustrator installations to versions newer than 28.7.8 for the 28.x series or versions newer than 29.6.1 for the 29.x series (NVD).