Skip to main content
CVE-2026-44804 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Desktop Window Manager (DWM) Core Library allows an authenticated low-privileged user to elevate to higher privileges by exploiting a use-after-free memory corruption flaw (CWE-416). The issue was reported by Microsoft's security team (secure@microsoft.com) and tracked via MSRC, with no public exploit identified at time of analysis. Successful exploitation yields full confidentiality, integrity, and availability impact on the local host.

Microsoft Use After Free Memory Corruption Denial Of Service Windows 11 26h1
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-44802 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Desktop Window Manager (DWM) Core Library allows an authenticated low-privilege attacker to gain higher privileges through a use-after-free memory corruption flaw. The vulnerability carries a CVSS score of 7.8 with high impact across confidentiality, integrity, and availability, and no public exploit identified at time of analysis. Successful exploitation typically yields SYSTEM-level code execution on the affected Windows host.

Microsoft Use After Free Memory Corruption Denial Of Service Windows 10 1809 +9
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-42983 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Microsoft Windows Desktop Window Manager (DWM) Core Library enables an authenticated low-privileged attacker to gain elevated privileges through a use-after-free memory corruption flaw. CVSS 7.8 reflects high impact on confidentiality, integrity, and availability but requires local access and existing user-level credentials. No public exploit identified at time of analysis, and the issue is not currently listed in CISA KEV.

Microsoft Use After Free Memory Corruption Denial Of Service
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-42910 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Hotpatch Monitoring Service enables an authenticated low-privileged attacker to gain elevated privileges through an out-of-bounds write (CWE-787) memory corruption flaw. The CVSS 7.8 (AV:L/AC:L/PR:L) reflects local attack vector with low complexity once a foothold is obtained, and no public exploit identified at time of analysis. The vulnerability was reported by Microsoft's own security team (secure@microsoft.com), suggesting internal discovery prior to disclosure.

Microsoft Memory Corruption Buffer Overflow
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-42837 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Projected File System (ProjFS) Filter Driver allows an authenticated low-privileged user on a Windows host to escalate to higher privileges by triggering a buffer over-read in the kernel-mode driver. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV, but the CVSS 7.8 with low attack complexity and no user interaction makes it an attractive post-compromise target for endpoint operators.

Information Disclosure Microsoft Buffer Overflow Windows 10 1809 Windows 10 21h2 +8
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-42828 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Projected File System (ProjFS) Filter Driver enables an authorized low-privileged user to elevate to higher privileges through a buffer over-read condition. The flaw affects Microsoft Windows installations where the ProjFS filter driver is present, and exploitation yields high impact across confidentiality, integrity, and availability. There is no public exploit identified at time of analysis, and the issue is not currently listed in CISA KEV.

Microsoft Buffer Overflow
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-44810 HIGH PATCH NEWS Exploit Unlikely This Week

Local privilege escalation in Windows Cryptographic Services on Windows 11 (23H2 through 26H1) and Windows Server 2022/2025 allows a low-privileged authenticated user to elevate to higher privileges through an improper authentication flaw (CWE-287). Microsoft has released patches via MSRC, and while no public exploit identified at time of analysis, CISA SSVC rates the technical impact as total, meaning successful exploitation yields full system compromise. EPSS probability is very low (0.06%), reflecting the local attack vector and absence of known exploitation activity.

Authentication Bypass Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-50512 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Microsoft PC Manager allows an authenticated low-privileged attacker to gain elevated rights on the host by abusing a critical function that lacks proper authentication checks. The flaw (CWE-306) is reported by Microsoft itself with a CVSS 7.8 (AV:L/AC:L/PR:L) and no public exploit identified at time of analysis, but a vendor patch is available via MSRC.

Authentication Bypass Microsoft Microsoft Pc Manager
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-42902 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Microsoft PowerToys allows an authenticated low-privileged user on a Windows system with PowerToys installed to elevate to higher privileges by abusing an improper authorization check (CWE-285). The flaw requires existing local access and low-level credentials, with no public exploit identified at time of analysis and no CISA KEV listing. Successful exploitation yields full confidentiality, integrity, and availability impact on the affected host.

Authentication Bypass Microsoft Powertoys
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-42829 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows Administrator Protection allows an authorized attacker with low-privilege access to bypass a security feature on affected Windows systems. The flaw stems from improper access control (CWE-284) in the Administrator Protection mechanism, and while no public exploit identified at time of analysis, the high CVSS 7.8 reflects the meaningful impact on confidentiality, integrity, and availability once the bypass is achieved. The issue was reported by Microsoft (secure@microsoft.com) and is tracked through MSRC rather than CISA KEV.

Authentication Bypass Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-41092 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Microsoft Kinect allows an authenticated low-privileged user to elevate to higher privileges due to improper access control (CWE-284). The vulnerability carries a CVSS 7.8 (High) rating with local attack vector and low complexity, and no public exploit identified at time of analysis. Successful exploitation yields high impact to confidentiality, integrity, and availability on the affected host.

Authentication Bypass Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-49161 HIGH PATCH This Week

Local privilege escalation in Microsoft PC Manager allows an authenticated low-privileged attacker to bypass a security feature on the affected system, leading to high impact on confidentiality, integrity, and availability. The flaw stems from improper access control (CWE-284) and currently has no public exploit identified at time of analysis. The CVSS 7.8 score reflects local attack vector with low complexity but requires the attacker to already have valid credentials on the target host.

Authentication Bypass Microsoft Pc Manager
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-47916 HIGH This Week

Arbitrary code execution in Adobe Acrobat Reader (versions 24.001.30365, 26.001.21651, and earlier) occurs when a victim opens a maliciously crafted PDF, triggering a use-after-free memory corruption that lets the attacker run code with the privileges of the logged-on user. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV; however, Acrobat Reader is a perennial target for phishing-delivered malware, making patching a near-term priority. Adobe has issued APSB26-63 with fixed builds.

Memory Corruption RCE Use After Free Denial Of Service Adobe +1
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-47918 HIGH This Week

Arbitrary code execution in Adobe Acrobat Reader (versions 24.001.30365, 26.001.21651, and earlier) is triggered when a user opens a malicious PDF, exploiting a Use-After-Free memory corruption flaw to run code as the current user. No public exploit identified at time of analysis, and EPSS data was not provided, but the high CVSS of 7.8 combined with Reader's massive install base makes this a routine patch priority. Vendor (Adobe) issued advisory APSB26-63 with corrective updates.

Memory Corruption RCE Use After Free Denial Of Service Adobe +1
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-47915 HIGH This Week

Arbitrary code execution in Adobe Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier results from a use-after-free memory corruption bug (CWE-416) triggered when a victim opens a malicious PDF. Code runs in the security context of the current user, making this a credible client-side initial-access vector via phishing or drive-by document delivery. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

Memory Corruption RCE Use After Free Denial Of Service Adobe +1
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-47917 HIGH This Week

Arbitrary code execution in Adobe Acrobat Reader (versions 24.001.30365, 26.001.21651 and earlier) is possible when a victim opens a maliciously crafted PDF, triggering a use-after-free memory corruption flaw. Code runs with the privileges of the current user, and no public exploit identified at time of analysis, though Adobe has released APSB26-63 as the corresponding advisory.

Memory Corruption RCE Use After Free Denial Of Service Adobe +1
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-47955 HIGH This Week

Arbitrary code execution in Adobe Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier is possible when a victim opens a maliciously crafted file that triggers a use-after-free in the document parser. The flaw runs code in the context of the logged-in user and carries a CVSS 7.8 (High) score, but requires user interaction; no public exploit identified at time of analysis and EPSS data is not provided in the input.

Memory Corruption RCE Use After Free Denial Of Service Adobe +1
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-47919 HIGH This Week

Arbitrary code execution in Adobe Acrobat Reader (versions 24.001.30365, 26.001.21651, and earlier) is possible when a victim opens a maliciously crafted document, triggering a use-after-free condition in the renderer. The flaw runs code in the context of the current user and has no public exploit identified at time of analysis, though Adobe issued advisory APSB26-63 confirming the vulnerability class and affected versions.

Memory Corruption RCE Use After Free Denial Of Service Adobe +1
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-47921 HIGH This Week

Arbitrary code execution in Adobe Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier occurs through a use-after-free flaw triggered when a victim opens a maliciously crafted PDF document. Code executes in the context of the current user, making this a classic client-side document exploit vector. No public exploit identified at time of analysis, and the issue is not currently listed in CISA KEV.

Memory Corruption RCE Use After Free Denial Of Service Adobe +1
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-47920 HIGH This Week

Arbitrary code execution in Adobe Acrobat Reader (versions 24.001.30365, 26.001.21651 and earlier) is possible when a victim opens a maliciously crafted PDF that triggers a use-after-free condition in the parser. Exploitation runs at the privilege of the user opening the file, and no public exploit identified at time of analysis. CVSS 7.8 reflects the local attack vector and required user interaction, but Reader's massive install base makes this a high-value target for phishing-driven campaigns.

Memory Corruption RCE Use After Free Denial Of Service Adobe +1
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-47913 HIGH This Week

Arbitrary code execution in Adobe Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier stems from a Use After Free condition (CWE-416) that triggers when a victim opens a malicious PDF, yielding execution in the context of the current user. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV, but the file-opening attack pattern is a perennial favorite in phishing and document-borne campaigns targeting Acrobat. Adobe has shipped fixed builds under advisory APSB26-63.

Memory Corruption RCE Use After Free Denial Of Service Adobe
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-47914 HIGH This Week

Arbitrary code execution in Adobe Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier occurs through a use-after-free condition triggered by opening a malicious PDF document. Successful exploitation runs code in the context of the current user, but no public exploit identified at time of analysis and the issue requires user interaction to open the crafted file.

Memory Corruption RCE Use After Free Denial Of Service Adobe
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-47912 HIGH This Week

Arbitrary code execution in Adobe Acrobat Reader 24.001.30365, 26.001.21651, and earlier versions occurs through a use-after-free condition triggered when a victim opens a malicious PDF file. Successful exploitation runs attacker-supplied code with the privileges of the current user, making this a viable phishing and drive-by document attack vector. No public exploit identified at time of analysis, and the vulnerability is not currently listed in CISA KEV.

Memory Corruption RCE Use After Free Denial Of Service Adobe
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-48292 HIGH This Week

Arbitrary code execution in Adobe Format Plugins 1.1.2 and earlier occurs through a heap-based buffer overflow that executes in the current user's security context when a victim opens a maliciously crafted file. The flaw was reported by Adobe PSIRT and carries a CVSS 7.8 (high) score, but no public exploit identified at time of analysis and the vulnerability is not listed in CISA KEV, suggesting it is currently a patching priority rather than an active incident.

Heap Overflow Buffer Overflow RCE Format Plugins
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-48291 HIGH This Week

Arbitrary code execution in Adobe Format Plugins versions 1.1.2 and earlier occurs via a heap-based buffer overflow triggered when a victim opens a malicious file. Exploitation runs in the context of the current user and requires user interaction, with no public exploit identified at time of analysis. The flaw is addressed in Adobe Security Bulletin APSB26-65.

Heap Overflow Buffer Overflow RCE Format Plugins
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-47952 HIGH This Week

Heap-based buffer overflow in Adobe Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier enables arbitrary code execution in the context of the logged-in user when a victim opens a maliciously crafted document. No public exploit has been identified at time of analysis, but the high CVSS of 7.8 reflects severe local impact, and Acrobat Reader's massive install base makes it a perennial phishing target. Exploitation requires user interaction, which moderates urgency relative to zero-click flaws but does not eliminate risk in document-heavy enterprise environments.

Heap Overflow Adobe Buffer Overflow RCE Acrobat Reader
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-47959 HIGH This Week

Arbitrary code execution in Adobe Acrobat Reader (versions 24.001.30365, 26.001.21651 and earlier) occurs via a stack-based buffer overflow triggered when a victim opens a malicious PDF. Successful exploitation runs attacker code in the context of the current user, making this a viable initial-access vector through phishing or drive-by document delivery. No public exploit identified at time of analysis, but the bug class (CWE-121) and Acrobat's broad install base historically attract weaponization quickly after disclosure.

Adobe Stack Overflow Buffer Overflow RCE Acrobat Reader
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-47911 HIGH This Week

Arbitrary code execution in Adobe Acrobat Reader (versions 24.001.30365, 26.001.21651 and earlier) is possible when a victim opens a malicious PDF file that triggers an out-of-bounds write condition. The flaw executes code in the context of the logged-in user, and while no public exploit identified at time of analysis, the CVSS 7.8 rating reflects high impact across confidentiality, integrity, and availability. Adobe has published advisory APSB26-63 with a fix.

Adobe Memory Corruption Buffer Overflow RCE
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-47908 HIGH This Week

Arbitrary code execution in Adobe Dreamweaver Desktop versions 21.7 and earlier allows attackers to run code in the context of the current user when a victim opens a malicious file. The flaw stems from access of an uninitialized pointer (CWE-824) and is tracked under Adobe advisory APSB26-62. No public exploit identified at time of analysis, and the issue is not currently listed in CISA KEV.

Memory Corruption RCE Dreamweaver Desktop
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-48306 HIGH This Week

Arbitrary code execution in Adobe Substance3D Sampler 6.0.0 and earlier occurs when a user opens a maliciously crafted asset file that triggers an out-of-bounds write in the application's parsing logic. Exploitation runs in the context of the logged-in user and requires user interaction to open the file; no public exploit identified at time of analysis and the issue is not listed in CISA KEV.

Memory Corruption Buffer Overflow RCE Substance3D Sampler
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-34710 HIGH This Week

Arbitrary code execution in Adobe Substance3D Sampler versions 6.0.0 and earlier occurs through an out-of-bounds write triggered when a user opens a maliciously crafted file. The flaw executes code in the context of the current user and requires victim interaction, with no public exploit identified at time of analysis and no CISA KEV listing.

Memory Corruption Buffer Overflow RCE Substance3D Sampler
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-48305 HIGH This Week

Arbitrary code execution in Adobe Substance3D Sampler versions 6.0.0 and earlier occurs when a victim opens a maliciously crafted file, triggering an out-of-bounds write (CWE-787) in the application's file parser. Exploitation runs in the context of the current user and no public exploit identified at time of analysis, though the high CVSS of 7.8 reflects the full local impact triad once a user is socially engineered into opening the file.

Memory Corruption Buffer Overflow RCE Substance3D Sampler
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-34709 HIGH This Week

Arbitrary code execution in Adobe Substance3D Sampler 6.0.0 and earlier occurs when a user opens a maliciously crafted 3D asset file, triggering an out-of-bounds write that runs attacker code with the current user's privileges. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV, but the local attack vector combined with high impact and required user interaction makes this a classic targeted-phishing/social-engineering risk against artists and 3D designers.

Memory Corruption Buffer Overflow RCE Substance3D Sampler
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-48293 HIGH This Week

Arbitrary code execution in Adobe InDesign Desktop 21.3, 20.5.3 and earlier allows attackers to run code as the logged-in user when a victim opens a maliciously crafted document file. The flaw is an out-of-bounds write (CWE-787) memory corruption issue requiring user interaction, and no public exploit has been identified at time of analysis.

Memory Corruption Buffer Overflow RCE Indesign Desktop
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-46319 HIGH PATCH This Week

Local privilege escalation in the Linux kernel's net/sched act_ct traffic control action stems from a use-after-free in tcf_ct_flow_table_get(), where rhashtable_lookup_fast() releases the RCU read lock before refcount_inc_not_zero() can pin the returned ct_ft object. EPSS is very low (0.02%, 7th percentile) and no public exploit identified at time of analysis, but Trend Micro ZDI provided detailed root-cause analysis and stable-tree patches are merged across 5.10 through 6.18 lines. Successful exploitation grants attacker-controlled kernel memory access enabling privilege escalation to root.

Trend Micro Linux Privilege Escalation Use After Free Memory Corruption
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-24064 HIGH This Week

Local privilege escalation in Waves Central for macOS versions 13.0.9 through 16.5.5 allows an unprivileged user to gain root code execution by injecting a malicious dylib into a trusted XPC client process via DYLD_INSERT_LIBRARIES. The injected code then abuses the product's privileged helper service to perform operations as root. No public exploit identified at time of analysis, and EPSS probability is very low (0.02%), consistent with a local-only macOS desktop attack surface.

Apple RCE Privilege Escalation Waves Central
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-52907 HIGH PATCH This Week

Out-of-bounds array access in the Linux kernel's Rockchip RKCIF camera interface driver (drivers/media/platform/rockchip/rkcif) allows a local low-privileged user to trigger memory corruption by reading one element past the end of internal arrays due to off-by-one comparison errors. Affects mainline Linux through 6.19 and is fixed in 7.0.4 and 7.1-rc1; no public exploit identified at time of analysis and EPSS exploitation probability is negligible (0.02%, 5th percentile).

Linux Information Disclosure
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-46330 HIGH PATCH This Week

Use-after-free and VFS invariant violations in the Linux kernel SMC subsystem (5.17 through pre-6.19.4) allow local privileged users to trigger memory corruption and system instability via the TCP ULP-to-SMC conversion path. The upstream maintainers fully reverted the underlying commit d7cd421da9da rather than attempting an in-place fix, citing fundamental design flaws; no public exploit identified at time of analysis and EPSS sits at 0.02% (5th percentile).

Linux Denial Of Service Use After Free Memory Corruption
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-46327 HIGH PATCH This Week

Race condition in the Linux kernel device-mapper (dm) subsystem allows a local privileged user to trigger memory corruption or use-after-free conditions by exploiting a TOCTOU flaw in dm_blk_report_zones, which calls dm_suspended_md without holding required locks. The flaw affects multiple stable kernel branches including 6.12.x, 6.15.x, 6.16, and 6.18.x prior to fixed releases. No public exploit identified at time of analysis, and EPSS scores exploitation probability at 0.02% (5th percentile).

Linux Information Disclosure
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-46323 HIGH PATCH This Week

Use-after-free in the Linux kernel's Generic Receive Offload (GRO) networking path allows local attackers to corrupt kernel memory and potentially achieve privilege escalation or denial of service. The flaw stems from skb_gro_receive() merging fragment lists between socket buffers without honoring the SKBFL_MANAGED_FRAG_REFS zero-copy flag, leaving page refcounts inconsistent. No public exploit identified at time of analysis, and EPSS exploitation probability is very low at 0.02% (5th percentile).

Linux Information Disclosure
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-46324 HIGH PATCH This Week

Local privilege escalation potential exists in the Linux kernel's netfilter nf_tables subsystem where netlink hook unregistration functions failed to use RCU-safe list removal while concurrent dumpers walked the same list. Affected paths are nft_netdev_unregister_hooks and __nft_unregister_flowtable_net_hooks, which previously used non-RCU list_del semantics and could race with readers, leading to memory corruption or use-after-free conditions on systems exposing nftables. No public exploit identified at time of analysis, and EPSS rates real-world exploitation likelihood at 0.02%.

Linux Information Disclosure
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-8863 HIGH Exploit Unlikely This Week

SecureBoot bypass affecting multiple third-party UEFI SHIM bootloaders allows local attackers with low privileges to circumvent boot integrity due to missing SBAT (Secure Boot Advanced Targeting) enforcement and validation. Impacted signed binaries span PC-Doctor Service Center, Spyrus WTGCreator, WhiteCanyon WipeDrive, Baramundi Management Suite, Finland's Abitti 1 exam environment, and NTC IT Rosa R9/R10. CVSS is 7.8 (local, low privileges) and SSVC indicates no known exploitation with total technical impact, while no public exploit identified at time of analysis.

Authentication Bypass Suse
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-34707 HIGH This Week

Arbitrary code execution in Adobe InCopy versions 21.3, 20.5.3 and earlier occurs when a user opens a maliciously crafted document that triggers a heap-based buffer overflow (CWE-122). Successful exploitation runs attacker code in the security context of the current user, making this a credible vector for endpoint compromise via social engineering. No public exploit identified at time of analysis, and the CVE is not on the CISA KEV list.

Heap Overflow Buffer Overflow RCE Incopy
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-34706 HIGH This Week

Arbitrary code execution in Adobe InCopy 21.3, 20.5.3, and earlier allows attackers to run code as the current user when a victim opens a maliciously crafted file. The flaw stems from an out-of-bounds write (CWE-787) in file parsing logic, carries a CVSS 7.8 (local, user-interaction required), and has no public exploit identified at time of analysis. Adobe published advisory APSB26-59 addressing the issue.

Memory Corruption Buffer Overflow RCE Incopy
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-34708 HIGH This Week

Stack-based buffer overflow in Adobe InCopy 21.3, 20.5.3 and earlier enables arbitrary code execution in the context of the logged-in user when a victim opens a maliciously crafted document. The flaw is locally exploitable via file-format parsing and requires user interaction, with no public exploit identified at time of analysis. CVSS 7.8 reflects high impact on confidentiality, integrity, and availability but constrained reachability through the document-open vector.

Stack Overflow Buffer Overflow RCE Incopy
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-34701 HIGH This Week

Arbitrary code execution in Adobe InDesign Desktop versions 21.3, 20.5.3 and earlier occurs through a heap-based buffer overflow triggered when a victim opens a maliciously crafted file. The flaw runs code in the security context of the current user and requires user interaction, with no public exploit identified at time of analysis. Adobe has published advisory APSB26-58 addressing the issue.

Heap Overflow Buffer Overflow RCE Indesign Desktop
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-34695 HIGH This Week

Arbitrary code execution in Adobe InDesign Desktop 21.3, 20.5.3 and earlier occurs when a user opens a maliciously crafted document, triggering a stack-based buffer overflow (CWE-121) that runs attacker code in the context of the current user. Adobe issued advisory APSB26-58 for this issue; no public exploit identified at time of analysis and the vulnerability is not listed in CISA KEV.

Stack Overflow Buffer Overflow RCE Indesign Desktop
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-34700 HIGH This Week

Arbitrary code execution in Adobe InDesign Desktop versions 21.3, 20.5.3 and earlier occurs through an out-of-bounds write triggered when a user opens a maliciously crafted document, allowing attacker code to run with the privileges of the current user. The flaw carries a CVSS 7.8 (High) rating, requires victim interaction, and no public exploit identified at time of analysis.

Memory Corruption Buffer Overflow RCE Indesign Desktop
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-34696 HIGH This Week

Arbitrary code execution in Adobe InDesign Desktop 21.3, 20.5.3 and earlier stems from a use-after-free condition triggered when a user opens a maliciously crafted document, allowing an attacker to run code with the privileges of the logged-in user. The flaw is reported by Adobe with a CVSS 3.1 base score of 7.8 and tagged for RCE, denial of service, and memory corruption, but there is no public exploit identified at time of analysis and the issue is not listed in CISA KEV.

Denial Of Service Use After Free Memory Corruption RCE Indesign Desktop
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-34698 HIGH This Week

Arbitrary code execution in Adobe InDesign Desktop 21.3, 20.5.3 and earlier occurs via a heap-based buffer overflow (CWE-122) triggered when a victim opens a maliciously crafted document file. The flaw runs code in the context of the current user and requires user interaction, with no public exploit identified at time of analysis. Adobe published advisory APSB26-58 addressing the issue.

Heap Overflow Buffer Overflow RCE Indesign Desktop
NVD
CVSS 3.1
7.8
EPSS
0.0%
Prev Page 6 of 16 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy