Severity by source
AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS Vector (NVD)
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Description (CVE.org)
InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Analysis (AI)
NULL Pointer Dereference in Adobe InDesign Desktop versions 21.3 and 20.5.3 and earlier allows a local attacker to crash the application by delivering a crafted document file that a victim must open, resulting in a denial-of-service condition with no confidentiality or integrity impact. Exploitation is constrained by mandatory user interaction (UI:R) and a local attack vector (AV:L), significantly limiting real-world risk beyond targeted social-engineering scenarios involving design professionals. …
Vulnerability Assessment (AI)
| Exploitation | Exploitation requires a victim to actively open a specially crafted InDesign Desktop file on a local system running a vulnerable version (21.3 or 20.5.3 and earlier). … |
| Risk Assessment | The CVSS 5.5 Medium score is supported by the vector AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H, which captures a low-complexity local attack requiring no privileges but mandatory user interaction, with high availability impact and zero confidentiality or integrity consequence. … |
| Exploit Scenario | An attacker crafts a malicious Adobe InDesign document engineered to trigger a NULL pointer dereference in the file's parsing engine and delivers it to a target designer or publisher via email, a file-sharing platform, or a compromised design asset repository. The victim, expecting a legitimate project file, opens the document in InDesign Desktop on an unpatched system, immediately causing the application to crash and interrupting active work. … |
| Remediation | The primary fix is to apply the patch documented in Adobe Security Bulletin APSB26-58 at https://helpx.adobe.com/security/products/indesign/apsb26-58.html; the exact patched release version is not specified in the supplied intelligence data and must be confirmed directly from that advisory before deployment. … |
EUVD-2026-35782
GHSA-rc56-w2j5-3x6q