Skip to main content

Adobe InDesign EUVD-2026-35778

| CVE-2026-34698 HIGH
Heap-based Buffer Overflow (CWE-122)
2026-06-09 adobe GHSA-xhp8-2xff-53wx
Heap Overflow Buffer Overflow RCE Indesign Desktop
7.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
Analysis Generated
Jun 09, 2026 - 18:57 vuln.today

DescriptionCVE.org

InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

AnalysisAI

Arbitrary code execution in Adobe InDesign Desktop 21.3, 20.5.3 and earlier occurs via a heap-based buffer overflow (CWE-122) triggered when a victim opens a maliciously crafted document file. The flaw runs code in the context of the current user and requires user interaction, with no public exploit identified at time of analysis. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts
Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Craft malicious INDD/IDML file
Delivery
Deliver via email or shared drive
Exploit
Victim opens file in InDesign
Execution
Heap buffer overflow in parser
Persist
Hijack control flow
Impact
Execute code as current user
Sign in to reveal

Vulnerability AssessmentAI

Exploitation Exploitation requires the victim to open a maliciously crafted InDesign document (such as an .indd or .idml file) in a vulnerable InDesign Desktop build (21.3 or earlier in the 21.x line, 20.5.3 or earlier in the 20.x line); the CVSS vector AV:L/UI:R confirms local file-open delivery and mandatory user interaction. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 3.1 base score of 7.8 with vector AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H reflects a local attack vector that requires user interaction - consistent with the description's requirement that a victim open a malicious file - and yields full confidentiality, integrity, and availability impact at the user's privilege level. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker emails a designer a crafted .indd or .idml file disguised as a client brief, brand asset pack, or freelancer deliverable; when the recipient double-clicks it, InDesign's parser triggers the heap overflow and executes shellcode that drops a loader running as the logged-in user. Because the user typically has access to shared marketing drives, brand assets, and SSO sessions, the attacker pivots to data theft or staging further intrusion. …
Remediation Apply the Adobe-released patch by updating Adobe InDesign Desktop to the fixed versions listed in advisory APSB26-58 at https://helpx.adobe.com/security/products/indesign/apsb26-58.html - update the 21.x branch to the post-21.3 release and the 20.x branch to the post-20.5.3 release identified by Adobe, deploying via the Creative Cloud Desktop client or enterprise Admin Console. … Detailed patch versions, workarounds, and compensating controls in full report.
Sign in to read full assessment

Recommended ActionAI

24 hours: Inventory all Adobe InDesign 21.3, 20.5.3, and earlier installations; restrict .indd file opening from untrusted external sources via security policy; notify design teams of exploitation risk. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

More from same product – last 7 days

CVE-2026-48293 HIGH
7.8 Jun 09

Arbitrary code execution in Adobe InDesign Desktop 21.3, 20.5.3 and earlier allows attackers to run code as the logged-i
CVE-2026-34695 HIGH
7.8 Jun 09

Arbitrary code execution in Adobe InDesign Desktop 21.3, 20.5.3 and earlier occurs when a user opens a maliciously craft
CVE-2026-34696 HIGH
7.8 Jun 09

Arbitrary code execution in Adobe InDesign Desktop 21.3, 20.5.3 and earlier stems from a use-after-free condition trigge
CVE-2026-34697 HIGH
7.8 Jun 09

Arbitrary code execution in Adobe InDesign Desktop 21.3, 20.5.3 and earlier occurs through a stack-based buffer overflow
CVE-2026-34699 HIGH
7.8 Jun 09

Arbitrary code execution in Adobe InDesign Desktop versions 21.3, 20.5.3 and earlier is possible when a user opens a mal

Share

EUVD-2026-35778 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy