Skip to main content
Code_Sniper
Participant
May 29, 2026
Question

Node.exe 22.18.0 in Photoshop 27.7 is STILL a VULNERABILITY!

  • May 29, 2026
  • 3 replies
  • 57 views

Photoshop (and several other products) are shipping an old version of Node.exe that is flagged for a critical vulnerability.  (CVE-2025-59465)

I do not understand how a company like Adobe can ship a product and not have the installation scanned for vulnerabilities. There are known exploits for this and it is in need or remediation.

 

The version of Node.exe in Photoshop is 22.18. The patched version is 22.22

Please fix this ASAP.

 

    3 replies

    Community Expert
    May 30, 2026

    Thread closed because double post.

    Furhter discussion see here: Node.exe 22.18.0 in Photoshop 27.7 is STILL a VULNERABILITY! | Adobe DME

     

    My System: Intel i7-8700K - 64GB RAM - NVidia Geforce RTX 3060 - Windows 11 Pro 25H2 -- LR-Classic 15 - Photoshop 27 - Nik Collection 9 - PureRAW 6 - Topaz Photo AI
    Code_Sniper
    Participant
    May 29, 2026

    Node.exe that is being shipped with Photoshop 27.7 is vulnerable for ( CVE-2025-59465) which is a critical vulnerability with a known exploit. Node.exe v22.22 patches this issue, however Photoshop is being shipped with v22.18.  

    Adobe NEEDS TO VULNERABILITY SCAN THEIR PRODUCTS BEFORE RELEASE.

     

    kglad
    Community Expert
    Community Expert
    May 29, 2026

    you can update your node.exe

     

    and if you want, you can post this in the ps feature requests forum, https://community.adobe.com/p/photoshop 

     

    and change your title slightly to avoid a duplicate post error.

    Code_Sniper
    Participant
    May 29, 2026

    That is not an acceptable solution. We are a large enterprise with thousands of machines. We should not have to maintain the stability and security of vendor products.