EUVD-2026-35813
GHSA-j22q-gxcf-m9cq
Severity by source
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Lifecycle Timeline
1DescriptionNVD
Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
AnalysisAI
Out-of-bounds read in Adobe Acrobat Reader exposes sensitive process memory when a victim opens a specially crafted PDF file. Affected versions include 24.001.30365, 26.001.21651, and all earlier releases across both tracks. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | User interaction is required: a victim must actively open a malicious PDF file using an affected version of Adobe Acrobat Reader (versions 24.001.30365 or 26.001.21651 or earlier). … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 5.5 Medium score reflects a constrained but realistic risk profile. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker crafts a malicious PDF file engineered to trigger an out-of-bounds read during Acrobat Reader's document parsing - for example, by embedding a malformed stream object with an incorrect length field. The attacker delivers the file via phishing email or a drive-by download, and when the victim opens it in an affected version of Acrobat Reader, the parser reads beyond the allocated buffer and exposes adjacent memory contents - potentially including session tokens, cached credentials, or decrypted document key material - which the attacker could subsequently extract if combined with a secondary exfiltration technique. … |
| Remediation | Upgrade Adobe Acrobat Reader to a version beyond 24.001.30365 (on the 24.x track) or beyond 26.001.21651 (on the 26.x track) per Adobe Security Bulletin APSB26-63 at https://helpx.adobe.com/security/products/acrobat/apsb26-63.html. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
More from same product – last 7 days
Arbitrary code execution in Adobe Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier occurs via an uncontrol
Arbitrary code execution in Adobe Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier results from a use-afte
Arbitrary code execution in Adobe Acrobat Reader (versions 24.001.30365, 26.001.21651, and earlier) occurs when a victim
Arbitrary code execution in Adobe Acrobat Reader (versions 24.001.30365, 26.001.21651 and earlier) is possible when a vi
Arbitrary code execution in Adobe Acrobat Reader (versions 24.001.30365, 26.001.21651, and earlier) is triggered when a
Share
External POC / Exploit Code
Leaving vuln.today