CVE-2026-27303

| EUVD-2026-22667 CRITICAL
2026-04-14 adobe GHSA-p85r-hffw-65q4
RCE Deserialization Adobe
9.6
CVSS 3.1
Share

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
Analysis Generated
Apr 14, 2026 - 19:39 vuln.today

DescriptionNVD

Adobe Connect versions 2025.3, 12.10 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed.

AnalysisAI

Remote code execution in Adobe Connect versions 12.10 and earlier allows unauthenticated attackers to execute arbitrary code through deserialization of untrusted data. The vulnerability achieves scope change, enabling attackers to break out of the application's security context and impact resources beyond the vulnerable component. …

Sign in for full analysis, threat intelligence, and remediation guidance.

RemediationAI

Within 24 hours: Inventory all Adobe Connect deployments and identify systems running version 12.10 or earlier; isolate these systems from sensitive networks if possible and restrict user access to essential personnel only. Within 7 days: Contact Adobe Support to confirm patch availability status and request security guidance; implement network-level controls to restrict Adobe Connect traffic to known trusted sources. …

Sign in for detailed remediation steps.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Share

CVE-2026-27303 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy