Severity by source
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS Vector (NVD)
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Description (NVD)
Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Analysis (AI)
Out-of-bounds read in Adobe Acrobat Reader versions 24.001.30365 and 26.001.21651 and earlier exposes sensitive memory contents to an attacker who can deliver a malicious PDF to a victim. The CVSS vector (AV:L/AC:L/PR:N/UI:R) confirms low complexity with no privilege prerequisite, but requires local file execution - the victim must open the crafted document. …
Vulnerability Assessment (AI)
| Exploitation | Exploitation requires the victim to actively open a specially crafted PDF file in an affected version of Adobe Acrobat Reader (24.001.30365 or 26.001.21651 and earlier) on their local machine - this is the UI:R condition confirmed by the CVSS vector. … |
| Risk Assessment | CVSS 5.5 Medium is calibrated appropriately for this vulnerability class. … |
| Exploit Scenario | An attacker crafts a malicious PDF containing structures designed to trigger an out-of-bounds read in Acrobat Reader's parsing engine, then delivers it to a target via phishing email or a compromised download link. When the victim opens the file in an affected Acrobat Reader version, the OOB read leaks adjacent memory contents - potentially including heap data such as pointers, keys, or document content - back to the attacker through a rendering side-channel or embedded callback. … |
| Remediation | Patch available per vendor advisory APSB26-63 at https://helpx.adobe.com/security/products/acrobat/apsb26-63.html - update Acrobat Reader to the version specified in that bulletin as the fixed release; exact patched version numbers were not included in the available intelligence and should be confirmed directly from the Adobe advisory before deploying. … |
EUVD-2026-35822
GHSA-hc4r-h68v-6hhh