CVE-2026-27285

| EUVD-2026-22440 MEDIUM
2026-04-14 adobe
Buffer Overflow Heap Overflow
5.5
CVSS 3.1
Share

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

1
Analysis Generated
Apr 14, 2026 - 18:49 vuln.today

DescriptionNVD

InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application or disrupt its functionality. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

AnalysisAI

Heap-based buffer overflow in Adobe InDesign Desktop versions 20.5.2, 21.2 and earlier allows local attackers to cause application denial-of-service by crafting malicious files that trigger memory corruption when opened. This vulnerability requires user interaction to exploit and does not enable code execution or data compromise, making it primarily a disruption vector rather than a critical attack surface despite its moderate CVSS score of 5.5.

Sign in for full analysis, threat intelligence, and remediation guidance.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Share

CVE-2026-27285 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy