
InDesign Desktop CVE-2026-34703

EUVD-2026-35779 | MEDIUM
NULL Pointer Dereference (CWE-476)
2026-06-09 · adobe · GHSA-xg7g-jmmf-pmrh
CVSS 3.1: 5.5 (NVD)

Severity by source

NVD (primary): 5.5 MEDIUM, AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS Vector (NVD)

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
  • Confidentiality: None
  • Integrity: None
  • Availability: High

Lifecycle Timeline

1. Analysis Generated: Jun 09, 2026 - 20:00 (vuln.today)

Description (CVE.org)

InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Analysis (AI)

NULL Pointer Dereference in Adobe InDesign Desktop versions 21.3, 20.5.3 and earlier enables a denial-of-service condition by crashing the application when a victim opens a specially crafted malicious file. The vulnerability carries no confidentiality or integrity impact - availability is the sole affected component. …


Attack Chain (AI-derived)

Hypothetical attack flow derived from CVE metadata

  • Access: Craft malicious InDesign document
  • Delivery: Deliver file to victim via email or file share
  • Exploit: Victim opens document in InDesign Desktop
  • Execution: NULL pointer dereference triggered in file parser
  • Persist: InDesign application crashes
  • Impact: Denial-of-service condition achieved

Vulnerability Assessment (AI)

Exploitation: Exploitation requires that the victim is running Adobe InDesign Desktop version 21.3, 20.5.3, or an earlier affected release on their local system. …

Risk Assessment: The CVSS 3.1 base score of 5.5 (Medium) accurately reflects a constrained threat profile: the attack vector is Local (AV:L), requiring the attacker to deliver a malicious file to the victim's machine rather than reaching InDesign over a network; user interaction is required (UI:R), meaning the victim must actively open the crafted document; and scope is unchanged (S:U), preventing any cross-boundary escalation. …

Exploit Scenario: An attacker crafts a malformed InDesign document that encodes a NULL pointer dereference trigger within its internal structure, then delivers it to a target via email attachment, shared drive, or collaboration platform - all plausible vectors in creative industry workflows. When the victim opens the file in InDesign Desktop 21.3 or an earlier affected version, the parser encounters the crafted input, dereferences a NULL pointer, and the application crashes with no additional attacker impact beyond service disruption. …

Remediation: The primary remediation is to apply the patch released by Adobe via advisory APSB26-58, available at https://helpx.adobe.com/security/products/indesign/apsb26-58.html. …
