Severity by source
CVSS Vector (NVD): CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
Description (CVE.org)
InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Analysis (AI)
Arbitrary code execution in Adobe InDesign Desktop 21.3, 20.5.3 and earlier stems from a use-after-free condition triggered when a user opens a maliciously crafted document, allowing an attacker to run code with the privileges of the logged-in user. The flaw is reported by Adobe with a CVSS 3.1 base score of 7.8 and tagged for RCE, denial of service, and memory corruption, but no public exploit had been identified at the time of analysis and the issue is not listed in CISA KEV.
Attack Chain (AI derived)
Hypothetical attack flow derived from CVE metadata
Vulnerability Assessment (AI)
| Area | Assessment |
|---|---|
| Exploitation | Exploitation requires the victim to open a specifically crafted malicious InDesign document in a vulnerable build of Adobe InDesign Desktop 21.3, 20.5.3, or earlier (UI:R in the CVSS vector); the attacker needs no prior credentials on the target system (PR:N) but cannot trigger the bug remotely without user action, since the attack vector is local (AV:L) and tied to opening a file. … |
| Risk Assessment | The CVSS 3.1 vector AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H reflects a local attack vector with low complexity, no privileges required, and required user interaction, yielding 7.8: high impact, but constrained by the social-engineering step of getting a file opened. … |
| Exploit Scenario | An attacker emails or shares a weaponized .indd or .idml file, for example one posed as a client brief, vendor template, or freelance handoff, to a designer or production editor. When the victim opens the file in a vulnerable InDesign Desktop build, the use-after-free is triggered during parsing and the attacker gains code execution as the logged-in user, enabling installation of stealers or further lateral movement on the creative workstation. … |
| Remediation | Apply the vendor patch documented in Adobe Security Bulletin APSB26-58 (https://helpx.adobe.com/security/products/indesign/apsb26-58.html): update InDesign Desktop past 21.3 and 20.5.3 through the Creative Cloud desktop application or the enterprise admin console. Exact fix versions should be taken from the Adobe advisory rather than inferred. … |
Recommended Action (AI)
Within 24 hours: Inventory all systems running Adobe InDesign 21.3, 20.5.3, or earlier; immediately restrict opening documents from untrusted external sources; send urgent security notice to all InDesign users. …
EUVD-2026-35780
GHSA-8x9r-pg87-r424